CVE-2026-22899EPSS p19.5%

CVE-2026-22899CVE-2026-22899

qnap / file_station

Description

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Scoring

CVSS 6.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS0.28% probability of exploitation · percentile 19.5% · 2026-06-19T12:03:05Z
Last modified2026-06-12

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-26239
CVE
CVE-2026-26241
CVE
CVE-2026-26240
CVE
CVE-2026-24720
CVE
CVE-2026-24724
CVE
CVE-2025-47206
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.