QNAP has alerted users to patch a critical vulnerability in the ASP.NET Core framework that affects its NetBak PC Agent, a Windows backup utility. The flaw, tracked as CVE-2025-55315, could allow attackers to hijack user credentials or bypass security controls, prompting QNAP to recommend updates to ensure system security. Users can either reinstall the app or manually update the ASP.NET Core components to mitigate risks.