CVE-2026-26239: File Station 5

Q: What is the severity of CVE-2026-26239?

The severity of CVE-2026-26239 is rated as high with a score of 8.7.

Q: How do I fix CVE-2026-26239?

CVE-2026-26239 can be fixed by upgrading to File Station 5 version 5.5.6.5208 or later.

Q: What type of vulnerability is CVE-2026-26239?

CVE-2026-26239 is a buffer overflow vulnerability affecting File Station 5.

Q: What can an attacker do with CVE-2026-26239?

An attacker with a user account can exploit CVE-2026-26239 to modify memory or crash processes.

Q: When was CVE-2026-26239 published?

CVE-2026-26239 was published on June 10, 2026.

Published Jun 10, 2026

Updated

A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Affected Software

1 affected component

Synology File Station 5<5.5.6.5208

Remediation

Information

We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Event History

Jun 10, 2026

CVE Published

via MITRE·03:15 AM

Data Sourced

via MITRE·03:15 AM

RemedyDescriptionWeakness

Data Sourced

via NVD·04:17 AM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-26239?

The severity of CVE-2026-26239 is rated as high with a score of 8.7.

How do I fix CVE-2026-26239?

CVE-2026-26239 can be fixed by upgrading to File Station 5 version 5.5.6.5208 or later.

What type of vulnerability is CVE-2026-26239?

CVE-2026-26239 is a buffer overflow vulnerability affecting File Station 5.

What can an attacker do with CVE-2026-26239?

An attacker with a user account can exploit CVE-2026-26239 to modify memory or crash processes.

When was CVE-2026-26239 published?

CVE-2026-26239 was published on June 10, 2026.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2026-26239 - File Station 5 - SecAlerts