CVE-2026-22899: File Station 5

Q: What is the severity of CVE-2026-22899?

CVE-2026-22899 has a medium severity rating with a CVSS score of 5.3.

Q: What is CVE-2026-22899?

CVE-2026-22899 is a NULL pointer dereference vulnerability affecting File Station 6 which can be exploited for a denial-of-service attack.

Q: How can I fix CVE-2026-22899?

To fix CVE-2026-22899, upgrade to File Station 5 version 5.5.6.5208 or later.

Q: Who is affected by CVE-2026-22899?

CVE-2026-22899 affects users of Synology File Station 6 who have a user account that could be exploited by remote attackers.

Q: What is the impact of CVE-2026-22899?

The impact of CVE-2026-22899 is the potential for a denial-of-service attack if exploited by an attacker with a valid user account.

Published Jun 10, 2026

Updated

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Affected Software

2 affected components

Synology File Station 6

Synology File Station 5<5.5.6.5208

Remediation

Information

We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Event History

Jun 10, 2026

CVE Published

via MITRE·03:07 AM

Data Sourced

via MITRE·03:07 AM

RemedyDescriptionWeakness

Data Sourced

via NVD·04:17 AM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-22899?

CVE-2026-22899 has a medium severity rating with a CVSS score of 5.3.

What is CVE-2026-22899?

CVE-2026-22899 is a NULL pointer dereference vulnerability affecting File Station 6 which can be exploited for a denial-of-service attack.

How can I fix CVE-2026-22899?

To fix CVE-2026-22899, upgrade to File Station 5 version 5.5.6.5208 or later.

Who is affected by CVE-2026-22899?

CVE-2026-22899 affects users of Synology File Station 6 who have a user account that could be exploited by remote attackers.

What is the impact of CVE-2026-22899?

The impact of CVE-2026-22899 is the potential for a denial-of-service attack if exploited by an attacker with a valid user account.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2026-22899: File Station 5

Affected Software

Remediation

Information

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-22899?

What is CVE-2026-22899?

How can I fix CVE-2026-22899?

Who is affected by CVE-2026-22899?

What is the impact of CVE-2026-22899?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2026-22899?

What is CVE-2026-22899?

How can I fix CVE-2026-22899?

Who is affected by CVE-2026-22899?

What is the impact of CVE-2026-22899?