1858 matches found
kernel: smb: client: fix OOB reads parsing symlink error response
A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...
CVE-2026-57089
Use after free in Windows SMB Server Network Transport Driver srvnet.sys allows an unauthorized attacker to execute code over a network...
CVE-2026-50360
Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-58531
CVE-2026-58531 is a Windows SMB elevation-of-privilege vulnerability caused by a race condition in a shared resource. It affects Windows SMB components and enables an authorized attacker to elevate privileges over the network. CVSS v3.1 base score 7.5 (NETWORK, HIGH impact), per Microsoft’s advis...
CVE-2026-58531 Windows SMB Elevation of Privilege Vulnerability
...
CVE-2026-57089
CVE-2026-57089 affects the Windows SMB Server Network Transport Driver (srvnet.sys). It is a use-after-free vulnerability in srvnet.sys that could allow an unauthenticated attacker to execute code remotely over a network (remote code execution). The CVSSv3.1 base score is 7.5 (HIGH) with Network ...
CVE-2026-50690
CVE-2026-50690 is a Windows SMB information-disclosure vulnerability described as caused by the use of an uninitialized resource within Windows SMB that can allow an authorized local attacker to disclose information. The CVE is linked to Microsoft advisories and MSRC updates addressing the issue,...
CVE-2026-50690 Windows SMB Information Disclosure Vulnerability
...
CVE-2026-50360 Windows SMB Server Elevation of Privilege Vulnerability
...
CVE-2026-50360 Windows SMB Server Elevation of Privilege Vulnerability
...
CVE-2026-50360
The CVE-2026-50360 entry describes an Elevation of Privilege in Windows SMB Server caused by an incorrect authentication algorithm, allowing an authorized attacker to elevate privileges over the network. Published CVSS v3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base 8.8, HIGH). Windows has...
CVE-2026-49801 Windows SMB Information Disclosure Vulnerability
...
CVE-2026-54997 Windows SMB Information Disclosure Vulnerability
...
CVE-2026-54997
Public technical details are not provided in the supplied documents for CVE-2026-54997. No specifics on affected products, versions, root cause, or remediation are available here. Monitor for updates from official sources.
SUSE-SU-2026:2989-1 Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.166 fixes various security issues The following security issues were fixed: - CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmcrelease bsc1264094. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1265197. -...
Windows SMB Server Elevation of Privilege Vulnerability
Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
Windows SMB Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an authorized attacker to elevate privileges over a network...
PT-2026-58625
Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free issue exists in the Windows SMB Server Network Transport Driver srvnet.sys. This flaw allows an unauthorized attacker to execute arbitrary code over a network. Use...
PT-2026-58343
Name of the Vulnerable Software and Affected Versions Windows SMB Server affected versions not specified Description An incorrect implementation of the authentication algorithm in the Windows SMB Server allows an authorized attacker to elevate privileges over a network. Recommendations At the...
EUVD-2026-43317
A weakness has been identified in Shibby Tomato up to 1.28.0000. This affects the function sub2D048 of the component CIFS Mount Handler. Executing a manipulation of the argument cifs1/cifs2 can lead to os command injection. The attack can be executed remotely. The exploit has been made available ...