CVE-2026-11493

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

PT-2026-47255

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level...

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

K000161507: Samba vulnerability CVE-2026-3238

Security Advisory Description This candidate has been reserved by a CVE Numbering Authority CNA. This record will be updated by the assigning CNA once details are available. Learn more about the Reserved state here. CVE-2026-3238 Impact There is no impact; F5 products are not affected by this...

Samba 操作系统命令注入漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a vulnerability related to operating system command injection, which stems from the incorrect escaping of shell metacharacters when the “check password” script uses the %u character...

EUVD-2026-32275

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

SUSE CVE-2026-1933

A flaw was found in Samba's handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

SUSE CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

Samba 数据伪造问题漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a vulnerability related to data falsification, which stems from the automatic certificate registration group policy processing. This process involves retrieving CA certificates via...

Samba 安全漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a security vulnerability, which stems from insufficient validation during the renaming process involving the vfsworm module. This vulnerability could allow authenticated users to...

Samba 访问控制错误漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a control access vulnerability that stems from the lack of SMB-layer access checks when handling NTFS-style symbolic links. This vulnerability allows authenticated users to create or...

Linux Distros Unpatched Vulnerability : CVE-2026-3012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto- enrollment is enabled, Samba may retrieve a CA certificate...

Linux Distros Unpatched Vulnerability : CVE-2026-4408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the check password...

CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

Exploit for CVE-2007-2447

🛡️ Metasploitable2 Vulnerability Assessment Author: Jaden Julius...

Linux Distros Unpatched Vulnerability : CVE-2026-4480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the print command...

Astra Linux - уязвимость в samba

A flaw was discovered in Samba. A race condition in the password lockout code may lead to the risk of brute-force attacks succeeding if certain conditions are met...

Astra Linux - уязвимость в samba

A out-of-bounds read vulnerability was discovered in Samba due to insufficient length checks in the winbinddpamauthcrap.c file. When performing NTLM authentication, the client sends cryptographic challenges back to the server. These responses have varying lengths, and Winbind fails to check the...

Astra Linux - уязвимость в samba

A flaw was discovered in Samba. The security vulnerability occurs when the KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other’s tickets. A user who has been requested to change their password can exploit this flaw to obtain and use tickets for...

Astra Linux - уязвимость в samba

The fixes in 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for CVE-2018-10919, which address the issue of confidential attributes being disclosed via LDAP filters, were insufficient. An attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...