Find notable cyber news and cases, enriched with sources, timelines, and signals.

QNAP security patch release for CVE-2025-62847

Security Patch Release
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

QNAP has released fixes for seven zero-day vulnerabilities affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3 Hybrid Backup Sync, closing flaws that were already used to compromise NAS devices at Pwn2Own Ireland 2025. The patch bundle covers CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, CVE-2025-59389, CVE-2025-11837, CVE-2025-62840, and CVE-2025-62842. Administrators are being told to update to the latest version and change all passwords to reduce residual risk.

Related Happenings

Progress LoadMaster CVE-2026-8037 patch release

Security Patch Release
H score52 First: 30.06.2026 10:38 Last: 30.06.2026 10:38 Sources 1

About this happening: **Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...

Linux kernel maintainers security patch release for CVE-2026-43503

Security Patch Release
H score34 First: 26.06.2026 14:51 Last: 26.06.2026 14:51 Sources 1

About this happening: **Linux kernel** merged and shipped the **DirtyClone** security fix for **CVE-2026-43503**, closing a **CVSS 8.8** local privilege-escalation path that could let affected systems...

Dify security patch release for CVE-2026-41947

Security Patch Release
H score34 First: 22.06.2026 19:13 Last: 22.06.2026 19:13 Sources 1

About this happening: **Dify** shipped **version 1.14.2** to fix most of the **DifyTap** vulnerabilities, closing cross-tenant paths that could expose **AI chats**, **uploaded files**, and internal API...

Apple security patch release for CVE-2025-20701

Security Patch Release
H score29 First: 18.06.2026 15:23 Last: 18.06.2026 15:23 Sources 1

About this happening: Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....

Fortinet security patch release for CVE-2026-39813

Security Patch Release
H score41 First: 16.06.2026 12:19 Last: 16.06.2026 12:19 Sources 1

About this happening: **Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...

Timeline

  1. 07.11.2025 20:24 2 articles · 8mo ago

    QNAP releases fixes for seven NAS zero-days exploited at Pwn2Own Ireland 2025

    Mitigation Patch Update

    QNAP released fixes for seven zero-day vulnerabilities affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3 Hybrid Backup Sync after researchers from Summoning Team, DEVCORE, Team DDOS, and a CyCraft technology intern demonstrated exploitation against QNAP NAS devices at Pwn2Own Ireland 2025. The patched flaws include CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, CVE-2025-59389, CVE-2025-11837, CVE-2025-62840, and CVE-2025-62842, with QNAP advising administrators to update to the latest versions and change all passwords.

    Show sources