Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-62840

A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later

Published

2026-01-02T16:17:00.573

Last Modified

2026-02-05T19:04:20.880

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Primary
CWE-209

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	qnap	hybrid_backup_sync	< 26.2.0.938	Yes

References

https://www.qnap.com/en/security-advisory/qsa-25-46 Vendor Advisory ([email protected])