CVE-2026-26237: QuMagie
Published Jun 10, 2026
·Updated
A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later
Affected Software
1 affected component
Synology QuMagie<2.9.0
Remediation
Information
We have already fixed the vulnerability in the following version:
QuMagie 2.9.0 and later
Event History
Jun 10, 2026
CVE Published
via MITRE·03:15 AM
Data Sourced
via MITRE·03:15 AM
RemedyDescriptionWeakness
Data Sourced
via NVD·04:17 AM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2026-26237?
CVE-2026-26237 has a high severity rating of 8.7 according to the CVSS scoring system.
2
How do I fix CVE-2026-26237?
To fix CVE-2026-26237, upgrade to QuMagie version 2.9.0 or later.
3
What type of vulnerability is CVE-2026-26237?
CVE-2026-26237 is a missing authorization vulnerability that allows remote attackers to access unauthorized data.
4
Can CVE-2026-26237 affect my data security?
Yes, CVE-2026-26237 can potentially expose unauthorized access to sensitive data.
5
When was CVE-2026-26237 published?
CVE-2026-26237 was published on June 10, 2026.