Known Vulnerabilities for Assistant by Synology
Listed below are 1 of the newest known vulnerabilities associated with "Assistant" by "Synology".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42865 json | Inbox Zero is an AI personal assistant for email. Prior to 2.29.3, the cleaner email stream endpoint used a shared Redis subs... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-42456 json | AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. P... | Not Provided | 2026-05-08 | 2026-05-11 |
| CVE-2026-42432 json | OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exe... | Not Provided | 2026-04-28 | 2026-04-29 |
| CVE-2026-42428 json | OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install... | Not Provided | 2026-04-28 | 2026-04-29 |
| CVE-2026-41908 json | OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in the assistant-media route that allows trusted-... | Not Provided | 2026-04-23 | 2026-04-23 |
| CVE-2026-41335 json | OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that expos... | Not Provided | 2026-04-23 | 2026-04-25 |
| CVE-2026-40602 json | The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2026-39426 json | MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vul... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-39425 json | MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vul... | Not Provided | 2026-04-14 | 2026-04-14 |
| CVE-2026-39424 json | MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Im... | Not Provided | 2026-04-14 | 2026-04-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Synology | Assistant | 6.2-23733 | |||
| Application | Synology | Assistant | 6.1-15163 | |||
| Application | Synology | Assistant | 6.1-15030 | |||
| Application | Synology | Assistant | 6.0-7319 | |||
| Application | Synology | Assistant | 5.2-5566 | |||
| Application | Synology | Assistant | 5.1-5005 | |||
| Application | Synology | Assistant | 5.1-5002 | |||
| Application | Synology | Assistant | 5.0-4448 | |||
| Application | Synology | Assistant | 5.0-4418 | |||
| Application | Synology | Assistant | 4.3-4359 | |||
| Application | Synology | Assistant | 4.3-4206 | |||
| Application | Synology | Assistant | 4.2-3508 | |||
| Application | Synology | Assistant | 4.2-3179 | |||
| Application | Synology | Assistant | 4.1-2647 | |||
| Application | Synology | Assistant | 4.1-2638 | |||
| Application | Synology | Assistant | 4.1-2636 | |||
| Application | Synology | Assistant | 4.0-2216 | |||
| Application | Synology | Assistant | 4.0-2196 | |||
| Application | Synology | Assistant | 3.2-1920 | |||
| Application | Synology | Assistant | 3.1-1593 |