— Security Alert
TL;DR: Synology DSM security update patches a critical telnetd security flaw (CVE-2026-24061). Open DSM, install the latest update, and expect a quick restart.
What happened
Synology DSM security update notes reference a fix for CVE-2026-24061, a critical “security flaw” (CVE is the standard ID used to track vulnerabilities). DSM (DiskStation Manager) is the operating system — the system software update — that runs your Synology NAS.
The issue is tied to telnetd, which is a background network service related to Telnet (an older way to log in over a network). Think of it like an old, rarely-used “service door” on your NAS: if it has a weakness, it’s worth patching even if you personally never use that door.
What this means for your family NAS
If your NAS stores family photos, phone backups, tax PDFs, and shared home documents, security patches like this are the low-effort way to reduce the risk of unwanted access. Most families in the US don’t intentionally open advanced network access, but remote access features (or accidental router settings) can increase exposure over time.
The reassuring part: applying a Synology DSM security update is usually a simple in-DSM process, and the main “side effect” is a brief restart. If anyone is streaming a movie from the NAS or uploading a big backup, do the update when the house is quiet (after dinner or before bed) so the reboot doesn’t interrupt anyone.
What to do right now
- Sign in to DSM on your Synology NAS (from a computer on your home Wi‑Fi).
- Go to Control Panel > Update & Restore.
- Install the latest available update (your NAS will restart automatically).
- After reboot, return to Update & Restore and confirm you’re on the latest version.
Quick sanity check: If you don’t use Telnet on purpose (most people don’t), keep it that way — don’t enable it “just to test.” Your goal here is simply to stay current with Synology DSM security update fixes.
Want to go deeper?
If you’re tightening up your home NAS security, start with the basics that matter most for families: strong passwords, multi-factor authentication where available, and backups that can’t be wiped by one mistake. Our NAS Ransomware Protection Guide is the beginner-friendly next step.
If the update fails, takes longer than expected, or you can’t find the Update & Restore screen, use our Synology NAS Troubleshooting Guide 2026 for quick fixes before you panic.