samba (SUSE:Linux Micro 6.2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Micro 6.2 package samba, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2025-10230 — CVSS 10.0 (critical): A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without…
CVE-2026-4480 — CVSS 9.0 (critical): A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with…
CVE-2026-4408 — CVSS 9.0 (critical): A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use…
CVE-2026-3012 — CVSS 8.0 (high): A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may…
CVE-2026-3238 — CVSS 7.5 (high): A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for…
CVE-2026-1933 — CVSS 7.1 (high): A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer…
CVE-2026-2340 — CVSS 6.5 (medium): A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing…
CVE-2025-9640 — CVSS 4.3 (medium): A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams…