High severityNVD Advisory· Published Jun 9, 2026

CVE-2026-44083

Description

An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges.

We have already fixed the vulnerability in the following version: QuMagie 2.9.1 and later

Affected products

QuMagie/QuMagiellm-fuzzy
Range: >=2.9.1
Qnap/QuMagiellm-fuzzy
Range: >=2.9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.qnap.com/en/security-advisory/qsa-26-35nvd

News mentions

QNAP: Four Vulnerabilities Disclosed Together on June 9, 2026
Vypr Intelligence · Jun 9, 2026

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000