CVE-2026-4408
PUBLISHED
CVSS 9.0 CRITICAL
Reported by Red Hat · Published May 28, 2026
A flaw was found in Samba. Samba file servers and classic (NT4-style) domain controllers can be configured with the "check password script" option, which runs an administrator-supplied program to vet password changes. If that script's command line uses the %u substitution, the client-controlled username is inserted into it without escaping of shell meta-characters, so a remote attacker who can trigger the script with a crafted username can inject shell commands and achieve remote command execution on the affected system. This issue primarily affects non-standard configurations in which "check password script" is used with %u and the samba-dcerpcd service is started as a system service.
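As an added example (not part of this advisory and not Samba's own code), the following Python audit flags the configuration the advisory describes, a "check password script" setting that contains the %u substitution, in an smb.conf, and illustrates what "without proper escaping of shell meta-characters" means by expanding a constructed username into the command template once verbatim and once shell-quoted. The sample configurations, the script path /usr/local/sbin/pwcheck.sh and the username "alice; id" are all constructed for the example; the hardened form simply drops %u, which assumes the site's script does not need the username.

```python
"""Flag 'check password script = ... %u' in an smb.conf and show why unescaped
%u expansion is a shell-injection hazard. Added example; all sample data is
constructed (hypothetical script path, hypothetical username)."""
import re
import shlex

# Constructed smb.conf fragments, not taken from any real host.
VULNERABLE_SMB_CONF = """\
[global]
    workgroup = EXAMPLE
    security = user
    ; risky: the client-controlled username is expanded into the command line
    Check Password Script = /usr/local/sbin/pwcheck.sh %u

[homes]
    read only = no
"""

HARDENED_SMB_CONF = """\
[global]
    workgroup = EXAMPLE
    security = user
    ; no %u: nothing the client controls reaches the command line
    check password script = /usr/local/sbin/pwcheck.sh

[homes]
    read only = no
"""


def _norm(name: str) -> str:
    """Samba option names are case-insensitive and ignore internal whitespace,
    so 'Check Password Script' and 'checkpasswordscript' are the same option."""
    return re.sub(r"\s+", "", name).lower()


def parse_smb_conf(text: str) -> dict:
    """Minimal smb.conf parser: {section: {normalised option: value}}.
    Comments start with '#' or ';'. 'include =' lines are not followed."""
    sections: dict = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is not None and "=" in line:
            key, _, value = line.partition("=")
            sections[current][_norm(key)] = value.strip()
    return sections


def find_unsafe_check_password_script(text: str) -> list:
    """Return [(section, value)] where 'check password script' contains the %u
    substitution named in the advisory. Only %u is checked, deliberately."""
    findings = []
    for section, options in parse_smb_conf(text).items():
        value = options.get("checkpasswordscript")
        if value and "%u" in value:
            findings.append((section, value))
    return findings


# Shell operators that split or redirect a command line; if one of these
# survives expansion as its own token, the username was not kept as plain data.
SHELL_OPERATORS = {";", "|", "&", "&&", "||", "(", ")", "<", ">", ">>", "<<"}


def shell_tokens(cmdline: str) -> list:
    """Tokenise like a POSIX shell, keeping operators as separate tokens."""
    return list(shlex.shlex(cmdline, posix=True, punctuation_chars=True))


def injects_extra_command(cmdline: str) -> bool:
    return any(tok in SHELL_OPERATORS for tok in shell_tokens(cmdline))


def expand_unescaped(template: str, username: str) -> str:
    """The flawed behaviour: %u replaced verbatim, metacharacters and all."""
    return template.replace("%u", username)


def expand_quoted(template: str, username: str) -> str:
    """The escaping the advisory says is missing: the username stays one argument."""
    return template.replace("%u", shlex.quote(username))


if __name__ == "__main__":
    for label, conf in (("vulnerable", VULNERABLE_SMB_CONF), ("hardened", HARDENED_SMB_CONF)):
        print(label, find_unsafe_check_password_script(conf))
    template = "/usr/local/sbin/pwcheck.sh %u"
    evil = "alice; id"  # constructed username carrying a shell separator
    for fn in (expand_unescaped, expand_quoted):
        line = fn(template, evil)
        print(f"{fn.__name__}: {line!r} -> extra command? {injects_extra_command(line)}")
```

The parser is deliberately minimal: it does not follow `include =` lines or resolve Samba's other %-substitutions, so on a live host feed it the output of `testparm -s`, which prints the fully resolved configuration. The quoted expansion is shown only to make the missing escaping concrete; the remediation on a Samba host is the vendor update, or removing %u from the option until it is applied.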
Risk Scores
CVSS v3.1: 9.0 (Critical)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Fixed package release (where listed) |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | 0:4.23.5-109.el10_2 |
| Red Hat | Red Hat Enterprise Linux 9 | 0:4.23.5-10.el9_8 |
| Red Hat | Red Hat Enterprise Linux 8 | 0:4.19.4-16.el8_10 |
| Red Hat | Red Hat Enterprise Linux 7 | not listed |
| Red Hat | Red Hat Enterprise Linux 6 | not listed |
| Red Hat | Red Hat OpenShift Container Platform 4 | not listed |
| Alpine | samba | not listed |
Timeline
- May 26, 2026 CVE Published
- May 28 to Jun 1, 2026 EPSS Score (daily updates)
- Jun 2, 2026 Security Advisory
- Jun 3, 2026 Distribution Patch; Security Advisory
- Jun 4, 2026 Distribution Patch; Security Advisory
- Jun 8, 2026 Coalition ESS Score
References
- RHSA-2026:22644 (Red Hat vendor advisory)
- RHSA-2026:22963 (Red Hat vendor advisory)
- RHSA-2026:25049 (Red Hat vendor advisory)
- Red Hat CVE database entry (vdb-entry)
- RHBZ#2479762 (Red Hat Bugzilla, issue tracking)