[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-8306-1":6},{"stargazers_count":4,"fetched_at":5},6,"2026-05-28T13:18:46.456Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":36,"duplicates":37,"related":38,"reserved_at":9,"published_at":45,"modified_at":46,"state":9,"summary":47,"references_raw":49,"kevs":81,"epss":9,"epss_history":82,"metrics":83,"affected":84},"USN-8306-1","samba vulnerabilities\n\nAsim Viladi Oglu Manizada discovered that Samba incorrectly handled access\nchecks on reparse point operations. An attacker could possibly use this\nissue to modify reparse point extended attributes on files that should have\nbeen read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.\n(CVE-2026-1933)\n\nPavel Kohout discovered that Samba's vfs_worm module did not properly block\nfile overwrites. An attacker could possibly use this issue to overwrite\nfiles that should have remained immutable. (CVE-2026-2340)\n\nArad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly\nhandled certificate auto-enrolment group policies over HTTP without\nverification. A machine-in-the-middle attacker could possibly use this\nissue to install a malicious CA certificate. This issue only affected\nUbuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)\n\nArad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that\nSamba's Active Directory Domain Controller WINS server could be made to\ncrash under certain circumstances. A remote attacker could possibly use\nthis issue to cause a denial of service. (CVE-2026-3238)\n\nRon Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly\nhandled a non-default password check script configuration. A remote\nattacker could possibly use this issue to execute arbitrary code.\n(CVE-2026-4408)\n\nRon Ben Yizhak discovered that Samba's printing subsystem incorrectly\nhandled a non-default print command configuration. A remote attacker could\npossibly use this issue to execute arbitrary code. (CVE-2026-4480)",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34],{"_key":15},"CVE-2026-1933",{"_key":17},"CVE-2026-2340",{"_key":19},"CVE-2026-3012",{"_key":21},"CVE-2026-4408",{"_key":23},"CVE-2026-4480",{"_key":25},"UBUNTU-CVE-2026-1933",{"_key":27},"UBUNTU-CVE-2026-2340",{"_key":29},"UBUNTU-CVE-2026-3012",{"_key":31},"UBUNTU-CVE-2026-3238",{"_key":33},"UBUNTU-CVE-2026-4408",{"_key":35},"UBUNTU-CVE-2026-4480",[],[],[39,40,41,42,43,44],{"_key":35},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},"2026-05-26T13:32:31Z","2026-05-27T19:15:17.435731591Z",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[50,56,61,65,69,73,77],{"url":51,"sources":52,"tags":54},"https://ubuntu.com/security/notices/USN-8306-1",[53],"osv_ubuntu",[55],"Advisory",{"url":57,"sources":58,"tags":59},"https://ubuntu.com/security/CVE-2026-1933",[53],[60],"REPORT",{"url":62,"sources":63,"tags":64},"https://ubuntu.com/security/CVE-2026-2340",[53],[60],{"url":66,"sources":67,"tags":68},"https://ubuntu.com/security/CVE-2026-3012",[53],[60],{"url":70,"sources":71,"tags":72},"https://ubuntu.com/security/CVE-2026-3238",[53],[60],{"url":74,"sources":75,"tags":76},"https://ubuntu.com/security/CVE-2026-4408",[53],[60],{"url":78,"sources":79,"tags":80},"https://ubuntu.com/security/CVE-2026-4480",[53],[60],[],[],[],[85],{"ecosystem":86,"name":87,"vendor":88,"product":87,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":87,"source":9,"versions":90},"Ubuntu","samba","ubuntu","deb",[91,97,100,103],{"version":92,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":95,"version_end_type":96,"fixed_in":9},"lt2:4_15_13+dfsg_0ubuntu1_12",true,"ecosystem","2:4.15.13+dfsg-0ubuntu1.12","excluding",{"version":98,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":99,"version_end_type":96,"fixed_in":9},"lt2:4_19_5+dfsg_4ubuntu9_6","2:4.19.5+dfsg-4ubuntu9.6",{"version":101,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":96,"fixed_in":9},"lt2:4_22_3+dfsg_4ubuntu2_4","2:4.22.3+dfsg-4ubuntu2.4",{"version":104,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":96,"fixed_in":9},"lt2:4_23_6+dfsg_1ubuntu2_1","2:4.23.6+dfsg-1ubuntu2.1"]