CVE-2026-32746 – Synology DiskStation Manager

CVSS 9.8 CRITICAL

“One exposed interface can give attackers full control of your storage.”

Synology addressed CVE-2026-32746 in DiskStation Manager (DSM), a critical vulnerability that allows remote code execution through improper handling of network-facing services. An attacker can exploit this issue to execute arbitrary code without authentication, putting stored data, system integrity, and connected services at immediate risk.

CVE-2026-32746 has a CVSS score of 9.8, which is Critical severity. Verified proof-of-concept code exists, increasing the likelihood of exploitation. The patch fixes the vulnerable service handling and strengthens input validation to block unauthorized code execution.

Key Details

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-120

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-32746 – Synology DiskStation Manager

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002