CVE-2026-1579 PX4 Autopilot Missing authentication for critical function

The MAVLink communication protocol does not require cryptographic authentication by default. When MAVLink 2.0 message signing is not enabled, any message -- including SERIALCONTROL, which provides interactive shell access -- can be sent by an unauthenticated party with access to the MAVLink...

samba: SMB2 packet signing is not enforced when "server signing = required" is set

A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, suc...

PT-2023-8786 · Samba +8 · Samba +8

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domai...

CVE-2017-12150

It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. Mitigation The missing implied signing for smb2mount -e, smbcacls -e and smbcquotas -e can be...