CVE-2026-26128

CVE-2026-26128 concerns an elevation-of-privilege flaw in Windows SMB Server caused by improper authentication. The vulnerability affects Windows SMB Server and is described in connected sources as allowing an authorized local attacker to obtain higher privileges. Evidence from the connected docu...

CVE-2026-24294 Windows SMB Server Elevation of Privilege Vulnerability

...

CVE-2026-24294

CVE-2026-24294 affects Windows SMB Server. The core issue is improper authentication in the SMB component, enabling an authorized local attacker to elevate privileges. The CVE is rated high (CVSS 3.1 base 7.8) with local attack vector, low complexity, and no user interaction required, and the imp...

USN-8059-8: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

Windows SMB Server Elevation of Privilege Vulnerability

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...

PT-2026-24288

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A flaw in the Windows SMB Server authentication process can allow an authorized attacker to elevate privileges locally. The issue relates to deficiencies in the authentication...

PT-2026-36050

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the SMB2 protocol dissector can lead to a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6.4 to a...

curl: Use-After-Free in SMB connection reuse (req->path dangling pointer after needle destruction)

Summary A heap-use-after-free occurs in smbsendopen at lib/smb.c when curl processes two SMB URLs targeting the same host. The function smbparseurlpath sets req-path as a non-owning pointer into smbc-share connection-owned memory. During connection reuse, the needle connection is freed via...

curl: CVE-2026-3805: use after free in SMB connection reuse

Summary A heap-use-after-free occurs in smbsendopen at lib/smb.c when curl processes two SMB URLs targeting the same host. The function smbparseurlpath sets req-path as a non-owning pointer into smbc-share connection-owned memory. During connection reuse, the needle connection is freed via...

USN-8059-7: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

curl: LM Challenge-Response Hash Always Sent in SMB Authentication

LM Challenge-Response Hash Always Sent in SMB Authentication Summary The curl SMB client unconditionally computes and sends both the legacy LAN Manager LM and NT challenge-response hashes during SMB session setup. The LM hash is cryptographically broken — it splits the password into two 7-charact...

RHEL 9 : kernel-rt (RHSA-2026:3375)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3375 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8059-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8059-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-8059-6: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

CVE-2026-27884

NetExec is a network execution tool. Prior to version 1.5.1, the module spiderplus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account that it is possible for Linux SMB shares to have path traversal characters such as ../ in them. An...

EUVD-2026-8790

NetExec is a network execution tool. Prior to version 1.5.1, the module spiderplus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account that it is possible for Linux SMB shares to have path traversal characters such as ../ in them. An...

kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

USN-8059-5 linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

USN-8059-3 linux-gcp, linux-gcp-6.8, linux-gke, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

USN-8059-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...