Critical severity9.8NVD Advisory· Published May 27, 2026· Updated Jun 5, 2026
CVE-2025-12686
CVE-2025-12686
Description
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:o:synology:beestation_os:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:synology:beestation_os:*:*:*:*:*:*:*:*range: >=1.0,<1.3.2
- (no CPE)range: <1.3.2-65648
Patches
Vulnerability mechanics
References
1- www.synology.com/en-global/security/advisory/Synology_SA_25_12nvdVendor Advisory
News mentions
1- Synology: 10 CVEs Disclosed Across NAS, BeeStation, and Backup ProductsVypr Intelligence · May 27, 2026