QNAP QuTS hero OS <=5.3.2.3354 NULL Pointer DoS
CVE-2025-66274 Published on February 11, 2026
QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.9.3410 build 20260214 and later
QuTS hero h5.2.9.3410 build 20260214 and later
QuTS hero h5.3.2.3354 build 20251225 and later
QuTS hero h6.0.0.3397 build 20260206 and later
Weakness Type
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.
Products Associated with CVE-2025-66274
stack.watch emails you whenever new vulnerabilities are published in QNAP Quts Hero or QNAP Qts. Just hit a watch button to start following.
Affected Versions
QNAP Systems Inc. QTS:- Version 5.2.0 and below 5.2.9.3410 build 20260214 is affected.
- Version h5.2.0 and below h5.2.9.3410 build 20260214 is affected.
- Version h5.3.0 and below h5.3.2.3354 build 20251225 is affected.
- Version ? and below h6.0.0.3397 build 20260206 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.