SUSE-SU-2026:22045-1
Vulnerability from csaf_suse - Published: 2026-06-05 08:34 - Updated: 2026-06-05 08:34Summary
Security update for samba
Severity
Critical
Notes
Title of the patch: Security update for samba
Description of the patch: This update for samba fixes the following issues
Security issues:
- CVE-2026-1933: Missing access check on reparse point operations (bsc#1261188).
- CVE-2026-2340: vfs_worm does not block directory modification (bsc#1261158).
- CVE-2026-3012: group policy certificate enrollment uses http: // without validation (bsc#1261159).
- CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server (bsc#1261160).
- CVE-2026-4408: Remote Code Execution in SAMR (bsc#1261163).
- CVE-2026-4480: Unauthenticated Remote Code Execution (bsc#1261161).
Changes for samba:
- network:samba:STABLE/samba: "use-kerberos=desired" broken / Dolphin requires login for Samba shares (bsc#1255755).
- Samba service start times out (SElinux relabel takes too long) (bsc#1259050).
- samba-ad-dc-libs packages is missing a DLZ plugin for bind 9.20 (bsc#1249058).
- VFS_Snapper does not show previous file versions in subdirectories. (bsc#1259667).
- Updated to 4.22.9
Patchnames: SUSE-SL-Micro-6.2-890
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.9 (Critical)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
10 (Critical)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for samba",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for samba fixes the following issues\n\nSecurity issues:\n\n- CVE-2026-1933: Missing access check on reparse point operations (bsc#1261188).\n- CVE-2026-2340: vfs_worm does not block directory modification (bsc#1261158).\n- CVE-2026-3012: group policy certificate enrollment uses http: // without validation (bsc#1261159).\n- CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server (bsc#1261160).\n- CVE-2026-4408: Remote Code Execution in SAMR (bsc#1261163).\n- CVE-2026-4480: Unauthenticated Remote Code Execution (bsc#1261161).\n\nChanges for samba:\n\n- network:samba:STABLE/samba: \"use-kerberos=desired\" broken / Dolphin requires login for Samba shares (bsc#1255755).\n- Samba service start times out (SElinux relabel takes too long) (bsc#1259050).\n- samba-ad-dc-libs packages is missing a DLZ plugin for bind 9.20 (bsc#1249058).\n- VFS_Snapper does not show previous file versions in subdirectories. (bsc#1259667).\n- Updated to 4.22.9\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-890",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22045-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22045-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622045-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22045-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047206.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249058",
"url": "https://bugzilla.suse.com/1249058"
},
{
"category": "self",
"summary": "SUSE Bug 1255755",
"url": "https://bugzilla.suse.com/1255755"
},
{
"category": "self",
"summary": "SUSE Bug 1257200",
"url": "https://bugzilla.suse.com/1257200"
},
{
"category": "self",
"summary": "SUSE Bug 1259050",
"url": "https://bugzilla.suse.com/1259050"
},
{
"category": "self",
"summary": "SUSE Bug 1259667",
"url": "https://bugzilla.suse.com/1259667"
},
{
"category": "self",
"summary": "SUSE Bug 1261158",
"url": "https://bugzilla.suse.com/1261158"
},
{
"category": "self",
"summary": "SUSE Bug 1261159",
"url": "https://bugzilla.suse.com/1261159"
},
{
"category": "self",
"summary": "SUSE Bug 1261160",
"url": "https://bugzilla.suse.com/1261160"
},
{
"category": "self",
"summary": "SUSE Bug 1261161",
"url": "https://bugzilla.suse.com/1261161"
},
{
"category": "self",
"summary": "SUSE Bug 1261163",
"url": "https://bugzilla.suse.com/1261163"
},
{
"category": "self",
"summary": "SUSE Bug 1261188",
"url": "https://bugzilla.suse.com/1261188"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1933 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2340 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3012 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3238 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4408 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4480 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4480/"
}
],
"title": "Security update for samba",
"tracking": {
"current_release_date": "2026-06-05T08:34:05Z",
"generator": {
"date": "2026-06-05T08:34:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22045-1",
"initial_release_date": "2026-06-05T08:34:05Z",
"revision_history": [
{
"date": "2026-06-05T08:34:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"product": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"product_id": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"product": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"product_id": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"product": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"product_id": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"product": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"product_id": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"product": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"product_id": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"product": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"product_id": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"product": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"product_id": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"product": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"product_id": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64"
},
"product_reference": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le"
},
"product_reference": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x"
},
"product_reference": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
},
"product_reference": "libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64"
},
"product_reference": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le"
},
"product_reference": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x"
},
"product_reference": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
},
"product_reference": "samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1933"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Samba\u0027s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1933",
"url": "https://www.suse.com/security/cve/CVE-2026-1933"
},
{
"category": "external",
"summary": "SUSE Bug 1261188 for CVE-2026-1933",
"url": "https://bugzilla.suse.com/1261188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "important"
}
],
"title": "CVE-2026-1933"
},
{
"cve": "CVE-2026-2340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2340"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Samba\u0027s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share could overwrite a protected file by renaming a newly created file over the existing WORM-protected file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2340",
"url": "https://www.suse.com/security/cve/CVE-2026-2340"
},
{
"category": "external",
"summary": "SUSE Bug 1261158 for CVE-2026-2340",
"url": "https://bugzilla.suse.com/1261158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "moderate"
}
],
"title": "CVE-2026-2340"
},
{
"cve": "CVE-2026-3012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3012"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Samba\u0027s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3012",
"url": "https://www.suse.com/security/cve/CVE-2026-3012"
},
{
"category": "external",
"summary": "SUSE Bug 1261159 for CVE-2026-3012",
"url": "https://bugzilla.suse.com/1261159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "important"
}
],
"title": "CVE-2026-3012"
},
{
"cve": "CVE-2026-3238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3238"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Samba\u0027s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3238",
"url": "https://www.suse.com/security/cve/CVE-2026-3238"
},
{
"category": "external",
"summary": "SUSE Bug 1261160 for CVE-2026-3238",
"url": "https://bugzilla.suse.com/1261160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "important"
}
],
"title": "CVE-2026-3238"
},
{
"cve": "CVE-2026-4408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4408"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the \"check password script\" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the \"check password script\" is used with %u and the samba-dcerpcd service is started as a system service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4408",
"url": "https://www.suse.com/security/cve/CVE-2026-4408"
},
{
"category": "external",
"summary": "SUSE Bug 1261163 for CVE-2026-4408",
"url": "https://bugzilla.suse.com/1261163"
},
{
"category": "external",
"summary": "SUSE Bug 1267999 for CVE-2026-4408",
"url": "https://bugzilla.suse.com/1267999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "critical"
}
],
"title": "CVE-2026-4408"
},
{
"cve": "CVE-2026-4480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4480"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the \"print command\" setting via the \"%J\"\nsubstitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4480",
"url": "https://www.suse.com/security/cve/CVE-2026-4480"
},
{
"category": "external",
"summary": "SUSE Bug 1261161 for CVE-2026-4480",
"url": "https://bugzilla.suse.com/1261161"
},
{
"category": "external",
"summary": "SUSE Bug 1267999 for CVE-2026-4480",
"url": "https://bugzilla.suse.com/1267999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libldb2-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.s390x",
"SUSE Linux Micro 6.2:samba-client-libs-4.22.9+git.506.22c03ce0781-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T08:34:05Z",
"details": "critical"
}
],
"title": "CVE-2026-4480"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…