VYPR

rpm package

almalinux/samba-gpupdate

pkg:rpm/almalinux/samba-gpupdate

Vulnerabilities (6)

  • CVE-2026-4408 (Critical), May 28, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed

  • CVE-2026-2340 (Medium), May 27, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write

  • CVE-2026-1933 (High), May 27, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations

  • CVE-2026-3012 (High), May 27, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker w

  • CVE-2026-4480 (Critical), May 26, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this

  • CVE-2026-40170 (High), Apr 16, 2026
    affected: < 4.23.5-109.el10_2; fixed: 4.23.5-109.el10_2

    ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send suffic