1784 matches found
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
EUVD-2026-29924
libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...
CVE-2026-5773
libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...
CVE-2026-5773
libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...
CVE-2026-5773
CVE-2026-5773 affects libcurl and involves a logical error in the SMB connection reuse pool. The code could reuse an existing SMB connection to the same server but with a different share, potentially causing the wrong file to be downloaded or a file to be uploaded to the wrong location, while cre...
CVE-2026-5773 wrong reuse of SMB connection
libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...
CVE-2026-5773
libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...
SUSE CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
SUSE CVE-2026-43377
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...
libcurl 代码问题漏洞
libcurl is an open-source, free, and easy-to-use client URL transfer library for cURL. There are code vulnerabilities in libcurl, stemming from errors in connection reuse logic. These vulnerabilities may cause SMB transfers to incorrectly reuse existing connections to different shares, resulting ...
EUVD-2026-29669
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
CVE-2026-40410 Windows SMB Client Elevation of Privilege Vulnerability
...
CVE-2026-40410
Technical details (affected component, root cause, affected versions, exploit vectors or fixes) are not publicly provided in the supplied documents; monitor for updates from official advisories.
Windows SMB Client Elevation of Privilege Vulnerability
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
Microsoft Windows SMB Client 资源管理错误漏洞
Microsoft Windows SMB Client is a software application developed by Microsoft Corporation. It is a SMB client. The Microsoft Windows SMB Client has a resource management vulnerability that can be exploited by attackers to gain elevated privileges. The following products and versions are affected:...
CVE-2026-43378
A flaw was found in the Linux kernel. Specifically, within the Server Message Block SMB server component, a use-after-free vulnerability exists in the smb2open function. This issue arises when an opinfo pointer is accessed after its memory has been deallocated, creating a window for potential...
CVE-2026-43362
A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability allows a remote attacker to cause data corruption. When an SMB client attempts to write data over an unstable connection, the in-place encryption process can lead to already encrypted data being re-sent...
EUVD-2026-28683
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...
EUVD-2026-28684
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...