Manufacturer page
Synology is one of the best fits for the site thanks to consistent advisory structure, dates, CVEs, severity, and fixed releases. Latest notable addition: Synology-SA-26:06, a broad DSM advisory with explicit fixed releases across DSM 7.3, 7.2.2, and 7.2.1.
Synology published a broad DSM security advisory covering 11 vulnerabilities, with explicit fixed releases across current supported DSM branches.
Synology published a Mail Station package advisory for DSM after disclosing that CVE-2026-5129 may allow remote authenticated users to read or write limited files.
Synology disclosed a critical DSM update for GNU Inetutils telnetd after warning that CVE-2026-32746 may allow unauthenticated remote attackers to execute arbitrary commands.
Synology released a Storage Manager package security update for DSM 7.3 and DSM 7.2.x after disclosing a local information exposure issue.
Safe Access for SRM 1.3 received a security update for a vulnerability that could allow remote authenticated administrator-level users to read or write limited files.
RADIUS Server for SRM 1.3 received a fix for an XSS issue that could let remote authenticated administrator-level users read or write limited files and conduct limited DoS.
Synology disclosed an SMB Service issue where remote authenticated users could write to limited files; DSM packages received fixed builds and SRM/BeeStation remained ongoing at publication time.
Multiple path traversal issues in SRM 1.3 allowed remote authenticated users to read metadata or read/write limited files.