Synology · Storage Manager · CVE-2026-2237
**Name of the Vulnerable Software and Affected Versions**
Synology Storage Manager versions prior to 1.0.1-1100
**Description**
A flaw in the volume encryption component allows local attackers to obtain sensitive information. This occurs because the application uses the GET request method with sensitive query strings, which can lead to information disclosure.
**Recommendations**
Update to version 1.0.1-1100 or later.