Synology-SA-26:07 DSM
Publish Time: UTC+8
Last Updated: UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
Synology has released a security update for the DSM to address a vulnerability :
- CVE-2026-40540 allows remote authenticated users to obtain non-sensitive information.
Please refer to the 'Affected Products' table for the corresponding updates.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 7.3 | Moderate | Upgrade to 7.3-81180 or above. |
| DSM 7.2.2 | Moderate | Upgrade to 7.2.2-72806-7 or above. |
| DSM 7.2.1 | Moderate | Upgrade to 7.2.1-69057-10 or above. |
Mitigation
None
Detail
Reserved
Acknowledgement
Warisse Valentin (Aytio)
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2026-04-15 | Initial public release. |