CVE-2026-26237NVD

Vulnerability Summary

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions.

We have already fixed the vulnerability in the following version:
QuMagie 2.9.0 and later

Severity Level

UNKNOWN

Published Date

Jun 10, 2026

Last Modified

Jun 17, 2026

Exploitation Status

No confirmed exploitation yet

EPSS Score (30-Day)

0.28%Probability

Root Weakness (CWE)

N/A

External References

https://www.qnap.com/en/security-advisory/qsa-26-35