Critical severity9.0NVD Advisory· Published May 26, 2026· Updated Jun 15, 2026
CVE-2026-4480
CVE-2026-4480
Description
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
52(expand)+ 2 more
- (no CPE)
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*range: >=4.1.0,<4.2.1
- (no CPE)
- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- osv-coords44 versionspkg:rpm/almalinux/ctdbpkg:rpm/almalinux/ldb-toolspkg:rpm/almalinux/libldbpkg:rpm/almalinux/libldb-develpkg:rpm/almalinux/libnetapipkg:rpm/almalinux/libnetapi-develpkg:rpm/almalinux/libsmbclientpkg:rpm/almalinux/libsmbclient-develpkg:rpm/almalinux/libwbclientpkg:rpm/almalinux/libwbclient-develpkg:rpm/almalinux/python3-ldbpkg:rpm/almalinux/python3-sambapkg:rpm/almalinux/python3-samba-dcpkg:rpm/almalinux/python3-samba-develpkg:rpm/almalinux/python3-samba-testpkg:rpm/almalinux/sambapkg:rpm/almalinux/samba-clientpkg:rpm/almalinux/samba-client-libspkg:rpm/almalinux/samba-commonpkg:rpm/almalinux/samba-common-libspkg:rpm/almalinux/samba-common-toolspkg:rpm/almalinux/samba-dcerpcpkg:rpm/almalinux/samba-dc-libspkg:rpm/almalinux/samba-develpkg:rpm/almalinux/samba-gpupdatepkg:rpm/almalinux/samba-krb5-printingpkg:rpm/almalinux/samba-ldb-ldap-modulespkg:rpm/almalinux/samba-libspkg:rpm/almalinux/samba-pidlpkg:rpm/almalinux/samba-testpkg:rpm/almalinux/samba-test-libspkg:rpm/almalinux/samba-toolspkg:rpm/almalinux/samba-usersharespkg:rpm/almalinux/samba-vfs-iouringpkg:rpm/almalinux/samba-winbindpkg:rpm/almalinux/samba-winbind-clientspkg:rpm/almalinux/samba-winbind-krb5-locatorpkg:rpm/almalinux/samba-winbind-modulespkg:rpm/almalinux/samba-winexepkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/samba&distro=SUSE%20Linux%20Micro%206.2
< 4.19.4-16.el8_10+ 43 more
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.23.5-109.el10_2
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.19.4-16.el8_10
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.23.8+git.477.f78166bceed-1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
- (no CPE)range: < 4.22.9+git.506.22c03ce0781-160000.1.1
Patches
Vulnerability mechanics
References
7- access.redhat.com/security/cve/CVE-2026-4480nvdMitigationThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- bugzilla.samba.org/show_bug.cginvdIssue TrackingVendor Advisory
- access.redhat.com/errata/RHSA-2026:22644nvd
- access.redhat.com/errata/RHSA-2026:22963nvd
- access.redhat.com/errata/RHSA-2026:25049nvd
- access.redhat.com/errata/RHSA-2026:25979nvd
News mentions
2- ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and MoreThe Hacker News · Jun 1, 2026
- Critical Samba Vulnerability Enables Remote Code Execution AttacksCyber Security News · May 29, 2026