
92 matches found

Cvelist
added 2026/05/26 8:0 p.m., 27 views

CVE-2026-44449 Lumiverse: SMB `exists()` basename injection via smbclient `!cmd` escape

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation...

9.1 CVSS, 0.00103 EPSS
Exploits: 0, References: 1
EUVD
added 2026/05/26 8:0 p.m., 5 views

EUVD-2026-31980

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation...

9.1 CVSS, 6 AI score, 0.00103 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/26 8:0 p.m., 7 views

CVE-2026-44449

Lumiverse before 0.9.7 is vulnerable to an injection in the toSmbPath(fullPath) handling. If the primary path lookup fails, the code falls back to a dirname/basename split and only validates the directory prefix, then concatenates the basename directly into the smbclient -c script without validat...

9.1 CVSS, 6 AI score, 0.00103 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/26 8:0 p.m., 5 views

CVE-2026-44449

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation...

9.1 CVSS, 6 AI score, 0.00103 EPSS
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2026/05/26 12:0 a.m., 6 views

PT-2026-43401

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation...

9.1 CVSS, 6 AI score, 0.00103 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2015-5839

Malware in sbrugna...

2.1 CVSS, 5 AI score, 0.00061 EPSS
Exploits: 0, References: 5
Positive Technologies
added 2025/03/31 12:0 a.m., 1 views

PT-2025-13947

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4. Description: The issue was addressed with improved memory handling. An app may be able to cause unexpected system termination. Recommendations: For versions prior to 15.4, update to macOS Sequoia 15.4 to resolve the...

10 CVSS, 7.4 AI score, 0.00114 EPSS
Exploits: 0, References: 15
OpenVAS
added 2024/03/04 12:0 a.m., 25 views

openSUSE: Security Advisory for ldb, samba (SUSE-SU-2022:2586-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

8.8 CVSS, 7.1 AI score, 0.00574 EPSS
Exploits: 0, References: 2
The Hacker News
added 2023/03/25 6:13 a.m., 99 views

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN...

9.8 CVSS, 9 AI score, 0.93375 EPSS
Exploits: 18
SUSE CVE
added 2023/02/15 6:13 a.m., 1 views

SUSE CVE-2006-5925

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements...

7.5 CVSS, 8 AI score, 0.33207 EPSS
Exploits: 0, References: 4
SUSE CVE
added 2023/02/15 6:3 a.m., 1 views

SUSE CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

9.3 CVSS, 8 AI score, 0.24809 EPSS
Exploits: 1, References: 5
SUSE CVE
added 2023/02/15 6:0 a.m., 2 views

SUSE CVE-2010-0926

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

3.5 CVSS, 7.1 AI score, 0.56307 EPSS
Exploits: 6, References: 8
OpenVAS
added 2022/08/04 12:0 a.m., 30 views

SUSE: Security Advisory (SUSE-SU-2022:2659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

8.8 CVSS, 7.3 AI score, 0.00574 EPSS
Exploits: 0, References: 2
OpenVAS
added 2022/02/08 12:0 a.m., 21 views

openSUSE: Security Advisory for samba (openSUSE-SU-2022:0283-1)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9 CVSS, 7.1 AI score, 0.35695 EPSS
Exploits: 2, References: 2
Tenable Nessus
added 2020/09/30 12:0 a.m., 56 views

openSUSE Security Update : samba (openSUSE-2020-1526)

"This update for samba fixes the following issues : - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC CVE-2020-147...

10 CVSS, 7.8 AI score, 0.9438 EPSS
Exploits: 75, References: 2
OPENSUSE Linux
added 2020/09/25 12:0 a.m., 109 views

Security update for samba (important)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2020:1526-1 Rating: important References: 1176579 Cross-References: CVE-2020-1472 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for samba fixe...

10 CVSS, 8.6 AI score, 0.9438 EPSS
Exploits: 75, References: 1
Oracle linux
added 2020/05/05 12:0 a.m., 68 views

samba security, bug fix, and enhancement update

openchange 2.3-24.0.1 - Add patch to build against samba 4.11 2.3-24 - Rebuild for newer samba and libldb samba 4.11.2-13 - resolves: 1802182 - Fix join using netbios name 4.11.2-12 - related: 1781232 - Improve debug output of smbclient - resolves: 1794461 - Do not return bogus inode numbers in...

9.1 CVSS, 0.9 AI score, 0.10242 EPSS
Exploits: 0
Tenable Nessus
added 2020/04/29 12:0 a.m., 33 views

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:1133-1)

This update for samba fixes the following issues : Security issue fixed : CVE-2020-10704: Fixed a stack overflow in the AD DC CLDAP server bsc1169851. Non-security issues fixed : Fixed spnego fallback from kerberos to ntlmssp in smbd server bsc1169473. Fixed warning messages for non root users...

7.5 CVSS, 7.9 AI score, 0.14522 EPSS
Exploits: 0, References: 6
OSV
added 2020/04/28 2:39 p.m., 7 views

SUSE-SU-2020:1133-1 Security update for samba

This update for samba fixes the following issues: Security issue fixed: - CVE-2020-10704: Fixed a stack overflow in the AD DC CLDAP server bsc1169851. Non-security issues fixed: - Fixed spnego fallback from kerberos to ntlmssp in smbd server bsc1169473. - Fixed warning messages for non root users...

7.5 CVSS, 7.6 AI score, 0.14522 EPSS
Exploits: 0, References: 5
Oracle linux
added 2019/08/13 12:0 a.m., 65 views

samba security, bug fix, and enhancement update

4.9.1-6 - related: 1703204 - Fix printing with smbspool as CUPS backend 4.9.1-5 - resolves: 1703204 - Fix smbspool krb5 authentication 4.9.1-4 - resolves: 1690222 - Fix --max-protocol documentation of smbclient - resolves: 1518353 - Fix 'net ads join -Uadmin@forestdomain' - resolves: 1696524 - Fi...

5.5 CVSS, 0.3 AI score, 0.03388 EPSS
Exploits: 0