CVE-2026-22902 | QNAP QuNetSwitch 2.0.4.0415 os command injection (qsa-26-11)

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability was found in QNAP QuNetSwitch 2.0.4.0415. It has been declared as critical. The impacted element is an unknown function. Such manipulation leads to os command injection.

This vulnerability is documented as CVE-2026-22902. The attack needs to be performed locally. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-22902 | QNAP QuNetSwitch 2.0.4.0415 os command injection (qsa-26-11)

Post correlati

CVE-2026-23112 | Linux Kernel up to 6.18.9 nvmet-tcp nvmet_tcp_build_pdu_iovec memory corruption

CVE-2024-51997 | confidential-containers trustee up to 0.8.1 ART Token Privilege Escalation

CVE-2024-44009 | WC Lovers WCFM Marketplace Plugin up to 3.6.10 on WordPress cross site scripting

CVE-2025-4573 | Mattermost up to 9.11.13/10.5.4/10.6.3/10.7.1 LDAP Search Filter link objectGUID ldap injection