Skip to content

IoT OT Security News

  • Tracking
  • In The Era
  • CISA KEV
  • Security by Design
  • Statistics
  • About
IoT OT Security News

Tag: CVE-2026-22899

QNAP NAS 製品群の複数の深刻な脆弱性が FIX:認証情報窃取や DoS などの恐れ

QNAP Fixes 14 Vulnerabilities in QTS, QuTS Hero, QuTS Cloud, and QVP

2026/06/22 gbhackers — QNAP はセキュリティ・アドバイザリ QSA-26-10 を公開し、広く使用されている NAS および監視プラットフォームである QTS/QuTS hero/QuTS cloud/QVP (QVR Pro アプライアンス) に影響を与える 14 件の脆弱性 (Important) に対処した。

Continue reading “QNAP NAS 製品群の複数の深刻な脆弱性が FIX:認証情報窃取や DoS などの恐れ”
Unknown's avatarAuthor AiototsecPosted on June 22, 2026June 29, 2026Categories VulnerabilityTags CVE-2025-59382, CVE-2025-62858, CVE-2025-66273, CVE-2025-66279, CVE-2025-66280, CVE-2025-66281, CVE-2025-68405, CVE-2026-22893, CVE-2026-22899, CVE-2026-24720, CVE-2026-24724, CVE-2026-26239, CVE-2026-26240, CVE-2026-26241, NAS, QNAP, Vulnerability

Categories Dropdown

  • Twitter
  • Facebook
July 2026
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Jun    

Top Posts & Pages

  • libssh2 の脆弱性 CVE-2026-55200 が FIX:細工された SSH パケットによる RCE の恐れ
  • FortiBleed 続報:FortigateSniffer というツールで最大規模の認証情報窃取を展開
  • FFmpeg の脆弱性 PixelSmash CVE-2026-8461:細工されたメディア・ファイルによる RCE の恐れ
  • Dify の脆弱性群 DifyTap が FIX:AI アプリ 100万件でテナント間データ漏洩の恐れ
  • OpenAI が GPT-5.5-Cyber を公開:主要セキュリティ・ベンチマークで最高水準の性能を記録
  • Microsoft Exchange の SSRF 脆弱性 CVE-2026-45502:PoC の公開と悪用リスク
  • Webmin の深刻な脆弱性群が FIX:認証バイパスや root レベル制御 奪取の可能性
  • Cisco Unified CM/SME の脆弱性 CVE-2026-20230 が FIX:SSRF と root 侵害の恐れ
  • Anthropic が "Claude Tag" AI エージェントをリリース:Slack 内で Opus 4.8 を活用
  • Grafana Labs がサプライチェーン攻撃の詳細を公開:GitHub リポジトリの複製を確認

Categories

API APT Asia AuthN AuthZ BruteForce BugBounty CyberAttack DarkWeb DataBreach DataLeak DDoS DoubleExtortion Exploit Geopolitics Literacy LOLbin MageCartAttack Malware MCP MisConfiguration NHI Outage ParadigmShift Privacy Protection RaaS Ransomware RAT Repository Research Resilience Scammer SecTools SocialEngineering SupplyChain TTP Uncategorized Vulnerability WateringHoleAttack Zero Trust _AI/ML _CDN _Cloud _Container _CryptCcurrency _Defence _Education _Finance _Government _HealthCare _Human _ICS _IDS/IPS _Industry _Infrastructure _Mobile _OpenSource _PLC _Regulation _Retail _RTOS _Space _Statistics _Storage _Telecom _Transportation

Archives

  • June 2026 (133)
  • May 2026 (180)
  • April 2026 (193)
  • March 2026 (183)
  • February 2026 (185)
  • January 2026 (177)
  • December 2025 (159)
  • November 2025 (156)
  • October 2025 (177)
  • September 2025 (172)
  • August 2025 (165)
  • July 2025 (176)
  • June 2025 (192)
  • May 2025 (216)
  • April 2025 (192)
  • March 2025 (208)
  • February 2025 (181)
  • January 2025 (185)
  • December 2024 (172)
  • November 2024 (166)
  • October 2024 (184)
  • September 2024 (171)
  • August 2024 (183)
  • July 2024 (188)
  • June 2024 (156)
  • May 2024 (156)
  • April 2024 (155)
  • March 2024 (151)
  • February 2024 (131)
  • January 2024 (132)
  • December 2023 (116)
  • November 2023 (131)
  • October 2023 (124)
  • September 2023 (101)
  • August 2023 (111)
  • July 2023 (110)
  • June 2023 (113)
  • May 2023 (129)
  • April 2023 (127)
  • March 2023 (129)
  • February 2023 (118)
  • January 2023 (138)
  • December 2022 (106)
  • November 2022 (114)
  • October 2022 (120)
  • September 2022 (118)
  • August 2022 (133)
  • July 2022 (97)
  • June 2022 (117)
  • May 2022 (94)
  • April 2022 (112)
  • March 2022 (132)
  • February 2022 (105)
  • January 2022 (128)
  • December 2021 (111)
  • November 2021 (100)
  • October 2021 (110)
  • September 2021 (131)
  • August 2021 (105)
  • July 2021 (105)
  • June 2021 (103)
  • May 2021 (72)
  • April 2021 (58)

Categories

  • API (242)
  • APT (526)
  • Asia (400)
  • AuthN AuthZ (799)
  • BruteForce (67)
  • BugBounty (78)
  • CyberAttack (3,377)
  • DarkWeb (228)
  • DataBreach (562)
  • DataLeak (195)
  • DDoS (166)
  • DoubleExtortion (15)
  • Exploit (1,539)
  • Geopolitics (6)
  • Literacy (2,402)
  • LOLbin (62)
  • MageCartAttack (15)
  • Malware (1,474)
  • MCP (17)
  • MisConfiguration (64)
  • NHI (11)
  • Outage (106)
  • ParadigmShift (181)
  • Privacy (246)
  • Protection (649)
  • RaaS (122)
  • Ransomware (739)
  • RAT (787)
  • Repository (360)
  • Research (1,212)
  • Resilience (133)
  • Scammer (615)
  • SecTools (257)
  • SocialEngineering (57)
  • SupplyChain (450)
  • TTP (1,002)
  • Uncategorized (22)
  • Vulnerability (5,226)
  • WateringHoleAttack (4)
  • Zero Trust (382)
  • _AI/ML (544)
  • _CDN (4)
  • _Cloud (370)
  • _Container (74)
  • _CryptCcurrency (40)
  • _Defence (162)
  • _Education (8)
  • _Finance (161)
  • _Government (1,108)
  • _HealthCare (47)
  • _Human (51)
  • _ICS (85)
  • _IDS/IPS (182)
  • _Industry (221)
  • _Infrastructure (129)
  • _Mobile (162)
  • _OpenSource (1,402)
  • _PLC (39)
  • _Regulation (158)
  • _Retail (79)
  • _RTOS (6)
  • _Space (26)
  • _Statistics (423)
  • _Storage (70)
  • _Telecom (77)
  • _Transportation (56)
  • Tracking
  • In The Era
  • CISA KEV
  • Security by Design
  • Statistics
  • About
IoT OT Security News Blog at WordPress.com.
  • Subscribe Subscribed
    • IoT OT Security News
    • Join 169 other subscribers
    • Already have a WordPress.com account? Log in now.
    • IoT OT Security News
    • Subscribe Subscribed
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar