Known Vulnerabilities for Assistant by Synology
Listed below are 2 of the newest known vulnerabilities associated with "Assistant" by "Synology".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56012 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIb... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54198 json | Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions. | Not Provided | 2026-06-16 | 2026-06-16 |
| CVE-2026-48716 json | nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts construc... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-46526 json | Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic... | Not Provided | 2026-05-28 | 2026-05-29 |
| CVE-2026-46475 json | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant cr... | Not Provided | 2026-06-08 | 2026-06-08 |
| CVE-2026-46441 json | Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assig... | Not Provided | 2026-06-08 | 2026-06-08 |
| CVE-2026-45487 json | Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to... | Not Provided | 2026-06-09 | 2026-06-10 |
| CVE-2026-45413 json | MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, mak... | Not Provided | 2026-05-26 | 2026-05-27 |
| CVE-2026-45412 json | MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via work_flow_template Import. Authenticated users ... | Not Provided | 2026-05-26 | 2026-05-27 |
| CVE-2026-45323 json | MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HT... | Not Provided | 2026-05-28 | 2026-05-29 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Synology | Assistant | 6.2-23733 | |||
| Application | Synology | Assistant | 6.1-15163 | |||
| Application | Synology | Assistant | 6.1-15030 | |||
| Application | Synology | Assistant | 6.0-7319 | |||
| Application | Synology | Assistant | 5.2-5566 | |||
| Application | Synology | Assistant | 5.1-5005 | |||
| Application | Synology | Assistant | 5.1-5002 | |||
| Application | Synology | Assistant | 5.0-4448 | |||
| Application | Synology | Assistant | 5.0-4418 | |||
| Application | Synology | Assistant | 4.3-4359 | |||
| Application | Synology | Assistant | 4.3-4206 | |||
| Application | Synology | Assistant | 4.2-3508 | |||
| Application | Synology | Assistant | 4.2-3179 | |||
| Application | Synology | Assistant | 4.1-2647 | |||
| Application | Synology | Assistant | 4.1-2638 | |||
| Application | Synology | Assistant | 4.1-2636 | |||
| Application | Synology | Assistant | 4.0-2216 | |||
| Application | Synology | Assistant | 4.0-2196 | |||
| Application | Synology | Assistant | 3.2-1920 | |||
| Application | Synology | Assistant | 3.1-1593 |