samba-gpupdate (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package samba-gpupdate, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2026-4408 — CVSS 9.0 (critical): A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use…
CVE-2026-4480 — CVSS 9.0 (critical): A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with…
CVE-2026-3012 — CVSS 8.0 (high): A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may…
CVE-2026-40170 — CVSS 7.5 (high): ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params()…
CVE-2026-1933 — CVSS 7.1 (high): A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer…
CVE-2026-2340 — CVSS 6.5 (medium): A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing…