CVE-2025-59385 | QNAP QTS/QuTS hero authentication spoofing (qsa-25-45)

December 16, 2025 Yanac

A vulnerability categorized as critical has been discovered in QNAP QTS and QuTS hero. This impacts an unknown function. Such manipulation leads to authentication bypass by spoofing.

This vulnerability is traded as CVE-2025-59385. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-68113 | altcha-org altcha-lib up to 1.4.0 interpretation input (GHSA-6gvq-jcmp-8959)
CVE-2025-67748 | trailofbits fickling up to 0.1.5 pty.spawn incomplete blacklist (GHSA-r7v6-mfhq-g3m2)