Vulnerability intelligence
CVE-2026-44083
An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. We have already fixed the vulnerability in the following version: QuMagie 2.9.1 and later
CVSS Score
8.7
High
EPSS — Exploit Probability
0.4%
Riskier than 36% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
1 article across 1 outlet · first covered Jun 22, 2026 · latest Jun 22, 2026
Coverage timeline
-
QNAP patches critical QuMagie flaws exposing private photossecurityonline.info · Jun 22, 2026