CVE-2026-22898

Published: Mar 20, 2026

Modified: Mar 27, 2026

PUBLISHED

Description

A missing authentication for critical function vulnerability has been reported to affect QVR Pro. The remote attackers can then exploit the vulnerability to gain access to the system. We have already fixed the vulnerability in the following version: QVR Pro 2.7.4.14 and later

Vendor	Product	Versions
QNAP Systems Inc.	QVR Pro	affected `2.7.x - < 2.7.4.14`

Weaknesses (CWE)

CWE-306

References

https://www.qnap.com/en/security-advisory/qsa-26-07

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-22898

Description

Affected Products

Weaknesses (CWE)

References