EUVD-2026-4404

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

MiracleLinux 7 : grub2-2.02-0.87.11.0.1.el7.AXS7 (AXSA:2022-4404:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4404:04 advisory. grub2: Integer underflow in grubnetrecvip4packets CVE-2022-28733 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 4 : thunderbird-68.3.0-3.AXS4 (AXSA:2019-4404:04)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4404:04 advisory. Mozilla: Use-after-free in worker destruction CVE-2019-17008 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 CVE-2019-17012...

MiracleLinux 9 : ipa-4.12.2-14.el9_6.1 (AXSA:2025-10543:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10543:04 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : idm:DL1 (AXSA:2025-10036:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10036:01 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from th...

FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

AlmaLinux 10 : ipa (ALSA-2025:9190)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9190 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from the...

RockyLinux 10 : ipa (RLSA-2025:9190)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9190 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from the...

RLSA-2025:9184 Important: ipa security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

RLSA-2025:9190 Important: ipa security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

Exploit for CVE-2025-4404

CVE-2025-4404 POC POC for CVE-2025-4404 If you have a domain...

RockyLinux 8 : idm:DL1 (RLSA-2025:9188)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9188 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from the...

RLSA-2025:9188 Important: idm:DL1 security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

ipa security update

4.6.8-5.0.3.el79.17 - Fix privilege escalation from host to domain vulnerability - CVE-2025-4404 Orabug: 38085890...

Oracle Linux 7 : ipa (ELSA-2025-9189)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9189 advisory. 4.6.8-5.0.3.el79.17 - Fix privilege escalation from host to domain vulnerability - CVE-2025-4404 Orabug: 38085890 Tenable has extracted the preceding descriptio...

AlmaLinux 8 : idm:DL1 (ALSA-2025:9188)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9188 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : ipa (ALSA-2025:9184)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9184 advisory. freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 Tenable has extracted the preceding description block directly from the...

Critical: ipa

Issue Overview: A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the krbCanonicalName for the admin account by default, allowing users to create services with the same canonical name as the REALM...

Oracle Linux 9 : ipa (ELSA-2025-9184)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9184 advisory. - Resolves: RHEL-89908 EMBARGOED CVE-2025-4404 ipa: Privilege escalation from host to domain admin in FreeIPA Tenable has extracted the preceding description...

CVE-2025-4404

creationtimestamp| type| source ---|---|--- 2025-06-17 14:39:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18594 2025-06-17 14:55:56+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114699282395931964 2025-06-17 15:08:20+00:00| seen|...