Critical severity10.0NVD Advisory· Published Nov 7, 2025· Updated Apr 15, 2026

CVE-2025-10230

Description

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/CVE-2025-10230nvd
bugzilla.redhat.com/show_bug.cginvd
www.samba.org/samba/history/security.htmlnvd
www.vicarius.io/vsociety/posts/cve-2025-10230-detect-samba-vulnerabilitynvd
www.vicarius.io/vsociety/posts/cve-2025-10230-mitigate-samba-vulnerabilitynvd

News mentions

No linked articles in our index yet.

cvss	0.650
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000