High severity7.1NVD Advisory· Published May 27, 2026· Updated Jun 15, 2026
CVE-2026-1933
CVE-2026-1933
Description
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
49- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: >=4.1.0,<4.2.2
- (no CPE)
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- osv-coords42 versionspkg:rpm/almalinux/ldb-toolspkg:rpm/almalinux/libldbpkg:rpm/almalinux/libldb-develpkg:rpm/almalinux/libnetapipkg:rpm/almalinux/libnetapi-develpkg:rpm/almalinux/libsmbclientpkg:rpm/almalinux/libsmbclient-develpkg:rpm/almalinux/libwbclientpkg:rpm/almalinux/libwbclient-develpkg:rpm/almalinux/python3-ldbpkg:rpm/almalinux/python3-sambapkg:rpm/almalinux/python3-samba-dcpkg:rpm/almalinux/python3-samba-testpkg:rpm/almalinux/sambapkg:rpm/almalinux/samba-clientpkg:rpm/almalinux/samba-client-libspkg:rpm/almalinux/samba-commonpkg:rpm/almalinux/samba-common-libspkg:rpm/almalinux/samba-common-toolspkg:rpm/almalinux/samba-dcerpcpkg:rpm/almalinux/samba-dc-libspkg:rpm/almalinux/samba-develpkg:rpm/almalinux/samba-gpupdatepkg:rpm/almalinux/samba-krb5-printingpkg:rpm/almalinux/samba-ldb-ldap-modulespkg:rpm/almalinux/samba-libspkg:rpm/almalinux/samba-pidlpkg:rpm/almalinux/samba-testpkg:rpm/almalinux/samba-test-libspkg:rpm/almalinux/samba-toolspkg:rpm/almalinux/samba-usersharespkg:rpm/almalinux/samba-vfs-iouringpkg:rpm/almalinux/samba-winbindpkg:rpm/almalinux/samba-winbind-clientspkg:rpm/almalinux/samba-winbind-krb5-locatorpkg:rpm/almalinux/samba-winbind-modulespkg:rpm/almalinux/samba-winexepkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/samba&distro=SUSE%20Linux%20Micro%206.2
< 4.23.5-109.el10_2+ 41 more
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.23.8+git.477.f78166bceed-1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
Patches
Vulnerability mechanics
References
6- access.redhat.com/security/cve/CVE-2026-1933nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- bugzilla.samba.org/show_bug.cginvdIssue TrackingVendor Advisory
- access.redhat.com/errata/RHSA-2026:22963nvd
- access.redhat.com/errata/RHSA-2026:25049nvd
- access.redhat.com/errata/RHSA-2026:25979nvd
News mentions
0No linked articles in our index yet.