CVE-2025-13593

MEDIUM NVD

CVSS Score 6.1

Severity MEDIUM

Published May 27, 2026

Vendor unknown

Description

Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content when installing.

References

https://www.synology.com/en-global/security/advisory/Synology_SA_25_15