| 505015 | Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-44013) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 505219 | Qnap QTS and QuTS Use of Uninitialized Variable (CVE-2025-58466) | Tenable OT Security | Tenable.ot | 3/9/2026 | 3/10/2026 | medium |
| 504844 | Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2024-37043) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | medium |
| 504869 | Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2024-37046) | Tenable OT Security | Tenable.ot | 12/22/2025 | 2/20/2026 | low |
| 505030 | Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-59380) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 502516 | Qnap QTS Allocation of Resources Without Limits or Throttling (CVE-2023-45028) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 502576 | Qnap QTS Improper Restriction of Rendered UI Layers or Frames (CVE-2018-19957) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | medium |
| 504831 | Qnap QTS and QuTS hero Improper Neutralization of Special Elements used in an OS Command (CVE-2024-50393) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | high |
| 504835 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50398) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | low |
| 504840 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50401) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | low |
| 504988 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53406) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | medium |
| 504989 | Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53407) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | medium |
| 505221 | Qnap QTS and QuTS Improper Link Resolution Before File Access (CVE-2025-66277) | Tenable OT Security | Tenable.ot | 3/9/2026 | 3/10/2026 | critical |
| 504998 | Qnap QTS and QuTS hero Integer Overflow or Wraparound (CVE-2024-21905) | Tenable OT Security | Tenable.ot | 1/19/2026 | 2/5/2026 | high |
| 502588 | Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-14749) | Tenable OT Security | Tenable.ot | 10/16/2024 | 10/17/2024 | critical |
| 505010 | Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2025-52872) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 504961 | Qnap QTS and QuTS hero Improper Link Resolution Before File Access (CVE-2024-53691) | Tenable OT Security | Tenable.ot | 1/16/2026 | 2/6/2026 | high |
| 505006 | Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2023-51365) | Tenable OT Security | Tenable.ot | 1/19/2026 | 2/5/2026 | high |
| 504829 | Qnap QTS and QuTS hero Improper Neutralization of CRLF Sequences (CVE-2024-48867) | Tenable OT Security | Tenable.ot | 12/11/2025 | 2/24/2026 | medium |
| 505008 | Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2025-52864) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 505009 | Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2025-52863) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 505017 | Qnap QTS and QuTS hero Stack-based Buffer Overflow (CVE-2025-53593) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 505021 | Qnap QTS and QuTS hero Out-of-bounds Read (CVE-2025-54164) | Tenable OT Security | Tenable.ot | 1/20/2026 | 2/4/2026 | medium |
| 505042 | Qnap QTS and QuTS hero Exposure of Sensitive Information to an Unauthorized Actor (CVE-2024-13086) | Tenable OT Security | Tenable.ot | 1/30/2026 | 2/3/2026 | high |
