CVE-2025-12686

CRITICAL NVD

CVSS Score 9.8

Severity CRITICAL

Published May 27, 2026

Vendor unknown

Description

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation Manager (BSM) before 1.3.2-65648 and Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.

References

https://www.synology.com/en-global/security/advisory/Synology_SA_25_12