CVE-2026-4408
- EPSS 2.5%
- Veröffentlicht 28.05.2026 07:25:27
- Zuletzt bearbeitet 03.07.2026 13:17:25
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client...
CVE-2026-1933
- EPSS 0.86%
- Veröffentlicht 27.05.2026 12:28:44
- Zuletzt bearbeitet 03.07.2026 13:16:58
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point m...
CVE-2026-2340
- EPSS 0.94%
- Veröffentlicht 27.05.2026 12:09:32
- Zuletzt bearbeitet 02.07.2026 20:17:02
A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an...
CVE-2026-3012
- EPSS 0.26%
- Veröffentlicht 27.05.2026 10:02:21
- Zuletzt bearbeitet 03.07.2026 13:17:10
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without prop...
CVE-2026-4480
- EPSS 12.8%
- Veröffentlicht 26.05.2026 13:56:32
- Zuletzt bearbeitet 30.06.2026 03:20:33
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remot...
- EPSS 40.12%
- Veröffentlicht 07.11.2025 19:42:06
- Zuletzt bearbeitet 29.06.2026 21:16:31
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shel...
CVE-2025-0620
- EPSS 0.6%
- Veröffentlicht 06.06.2025 13:10:07
- Zuletzt bearbeitet 30.06.2026 00:16:49
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.
CVE-2020-25720
- EPSS 0.48%
- Veröffentlicht 17.11.2024 11:15:04
- Zuletzt bearbeitet 27.04.2026 21:16:21
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creatio...
CVE-2023-4154
- EPSS 1.15%
- Veröffentlicht 07.11.2023 20:15:08
- Zuletzt bearbeitet 21.11.2024 08:34:29
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right...
CVE-2023-42669
- EPSS 1.72%
- Veröffentlicht 06.11.2023 07:15:09
- Zuletzt bearbeitet 21.11.2024 08:22:55
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpc...