Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

QNAP security patch release for CVE-2025-62847

Security Patch Release
First reported
Last updated
Happening score
H score 45
1 unique sources, 1 articles

Summary

Hide ▲

QNAP has released fixes for seven zero-day vulnerabilities affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3 Hybrid Backup Sync, closing flaws that were already used to compromise NAS devices at Pwn2Own Ireland 2025. The patch bundle covers CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, CVE-2025-59389, CVE-2025-11837, CVE-2025-62840, and CVE-2025-62842. Administrators are being told to update to the latest version and change all passwords to reduce residual risk.

Related Happenings

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Open Happening

PackageKit 1.3.5 security update (CVE-2026-41651)

Security Patch Release
First: 24.04.2026 20:28 Last: 24.04.2026 20:28 Sources 1

About this happening: **PackageKit version 1.3.5** was released to fix **CVE-2026-41651**, closing a **local privilege-escalation** path that could let Linux users gain **root permissions**. The update...

Open Happening

Progress security patch release for CVE-2026-2699

Security Patch Release
First: 02.04.2026 16:33 Last: 02.04.2026 16:33 Sources 1

About this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...

Open Happening

Timeline

  1. 07.11.2025 20:24 2 articles · 6mo ago

    QNAP releases fixes for seven NAS zero-days exploited at Pwn2Own Ireland 2025

    Mitigation Patch Update

    QNAP released fixes for seven zero-day vulnerabilities affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3 Hybrid Backup Sync after researchers from Summoning Team, DEVCORE, Team DDOS, and a CyCraft technology intern demonstrated exploitation against QNAP NAS devices at Pwn2Own Ireland 2025. The patched flaws include CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, CVE-2025-59389, CVE-2025-11837, CVE-2025-62840, and CVE-2025-62842, with QNAP advising administrators to update to the latest versions and change all passwords.

    Show sources
    Open in new tab