CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.9%

CVSS Severity

CVSS v3 Score 6.2

References

https://www.synology.com/en-global/security/advisory/Synology_SA_26_01

Products affected by CVE-2026-2237

Synology » Storage Manager » Version: Any

cpe:2.3:a:synology:storage_manager:*
Synology » Diskstation Manager » Version: 7.2.1

cpe:2.3:o:synology:diskstation_manager:7.2.1
Synology » Diskstation Manager » Version: 7.2.2

cpe:2.3:o:synology:diskstation_manager:7.2.2
Synology » Diskstation Manager » Version: 7.3

cpe:2.3:o:synology:diskstation_manager:7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-2237

Products

Pricing

Contact Us