This page lists publicly disclosed CVE vulnerabilities affecting synology beedrive (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-11399 | Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors. | [email protected] | 6.8 | 0.11% | 2026-05-27 | 2026-06-17 |
| CVE-2023-52945 | Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors. | [email protected] | 7.8 | 0.14% | 2026-05-27 | 2026-06-17 |
| CVE-2025-8074 | Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors. | [email protected] | 5.6 | 0.08% | 2025-12-04 | 2026-06-17 |
| CVE-2025-54160 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors. | [email protected] | 7.8 | 0.18% | 2025-12-04 | 2026-06-17 |
| CVE-2025-54159 | Missing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrary files via unspecified vectors. | [email protected] | 7.5 | 0.37% | 2025-12-04 | 2026-06-17 |
| CVE-2025-54158 | Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors. | [email protected] | 7.8 | 0.17% | 2025-12-04 | 2026-06-17 |