samba security update

An update is available for samba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...

RLSA-2026:22644 Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses http://...

RHEL 10 : samba (RHSA-2026:22963)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22963 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection

As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVE-2026-3012 Samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVE-2026-3012

CVE-2026-3012 concerns Samba’s certificate auto-enrollment over HTTP without verification. When Group Policy auto-enrollment is enabled, Samba may fetch a CA certificate via unencrypted HTTP and install it into the local trust store without proper validation, enabling a MiTM-style attack to intro...

CVE-2026-3012 Samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

Samba 数据伪造问题漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a vulnerability related to data falsification, which stems from the automatic certificate registration group policy processing. This process involves retrieving CA certificates via...

SUSE-SU-2026:2074-1 Security update for samba

This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without validation bsc1261159. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server...

UBUNTU-CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVE-2026-3012

auto-enrolment GPO installing CA certificate over http without verification...

auto-enrolment GPO installing CA certificate over http

Description If the certificate auto-enrollment GPO is enabled on domain members both in Samba's smb.conf and using Windows GPME tool, a CA certificate may be fetched using a plain HTTP connection and installed in the member computer's trust store. This may give an attacker a chance to intercept t...

Astra Linux - уязвимость в sssd

A race condition flaw was identified in sssd, where the GPO policy is not consistently applied to authenticated users. This could lead to improper authorization issues, granting or denying access to resources inappropriately...

GHSA-82RM-QCFX-2V78 Duplicate Advisory: OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r77c-2cmr-7p47. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media...

CVE-2026-43583 OpenClaw 2026.4.10 < 2026.4.14 - Loss of Group Tool-Policy Context in Delivery Queue Recovery

OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery...