Product
critical
threat
CVE-2026-4408: Samba Remote Command Execution via Misconfigured Password Check Script
2 rules 1 TTP 1 CVECVE-2026-4408 describes a remote command execution vulnerability in Samba file servers and classic domain controllers where a misconfigured 'check password script' feature, using the %u substitution character without proper escaping, allows attackers to execute arbitrary commands.
Samba
cve
rce
2r
1t
1c
medium
advisory
Samba NTFS Reparse Point Vulnerability (CVE-2026-1933)
2 rules 1 TTP 1 CVECVE-2026-1933 describes a vulnerability in Samba's handling of NTFS-style reparse points on read-only shares, allowing authenticated users with filesystem write permissions to modify reparse point metadata and potentially alter SMB-visible file behavior.
Samba
cve
cve-2026-1933
reparse point
privilege escalation
smb
2r
1t
1c