CVE-2026-2237

Description

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive information.

References

• https://www.synology.com/en-global/security/advisory/Synology_SA_26_01