CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-22898

A missing authentication for critical function vulnerability has been reported to affect QVR Pro. The remote attackers can then exploit the vulnerability to gain access to the system. We have already fixed the vulnerability in the following version: QVR Pro 2.7.4.14 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 47.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.qnap.com/en/security-advisory/qsa-26-07

Products affected by CVE-2026-22898

Qnap » Qvr Pro » Version: 2.7.1.1259

cpe:2.3:a:qnap:qvr_pro:2.7.1.1259
Qnap » Qvr Pro » Version: 2.7.2.1336

cpe:2.3:a:qnap:qvr_pro:2.7.2.1336
Qnap » Qvr Pro » Version: 2.7.3.1377

cpe:2.3:a:qnap:qvr_pro:2.7.3.1377
Qnap » Qvr Pro » Version: 2.7.4.1407

cpe:2.3:a:qnap:qvr_pro:2.7.4.1407

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-22898

Products

Pricing

Contact Us