CVE-2026-31444

A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability involves a use-after-free and a NULL pointer dereference within the smbgrantoplock function during the oplock publication sequence. An attacker could potentially exploit these issues, leading to memory corruption. This...

CVE-2026-31444

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smbgrantoplock smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is called. If...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013424 advisory. The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs...

PT-2026-34381

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the ksmbd module occurs when a multichannel session binding request fails, such as due to an incorrect password. In these instances, the error path unconditionally sets the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013442)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013442 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of- bounds read and OOPS for SMB2WRITE, when there is a large...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013599 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011392 advisory. A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010754 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010701 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010699 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap- based buffer overflow in setntacldacl, related to use of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010738 advisory. The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs...

Exploit for CVE-2017-0144

No d...

Exploit for CVE-2017-0144

No d...

[SECURITY] Fedora 43 Update: smb4k-4.0.6-1.fc43

Smb4K is an SMB/CIFS share browser for KDE. It uses the Samba software suite to access the SMB/CIFS shares of the local network neighborhood. Its purpose is to provide a program that's easy to use and has as many features as possible...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

Exploit for Use After Free in Haxx Curl

CVE-2026-3805: Use-After-Free in curl SMB Connection Reuse I...

SUSE-SU-2026:1266-1 Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.87 fixes various security issues The following security issues were fixed: - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc bsc1258051. - CVE-2026-23111: netfilter: nftables: fix inverted genmask check i...

EUVD-2026-21627

Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2026-4149

The CVE-2026-4149 entry concerns Sonos Era 300. Affected component: SMB response handling (DataOffset) leading to out-of-bounds memory access and remote code execution. Impact: attacker can run code with kernel context via a network vector without authentication (high/CRITICAL). CVSS data: NVD/3....

PT-2026-32095

Name of the Vulnerable Software and Affected Versions Kubernetes affected versions not specified Description The Kubernetes CSI Driver for SMB contains a path traversal issue via the subDir parameter. This could allow unintended directories on the SMB server to be deleted. Recommendations At the...