{"uuid": "ef598036-eda2-4311-807e-ebbdfb04a51d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "name": "Debian - [SECURITY] [DSA 6297-1] samba security update", "description": "Package        : samba\nCVE ID         : CVE-2026-1933 CVE-2026-2340 CVE-2026-3012 CVE-2026-3238\n                 CVE-2026-4408 CVE-2026-4480\n\nSeveral vulnerabilities have been discovered in Samba, a SMB/CIFS file,\nprint, and login server for Unix, which might result in bypass of access\nchecks, overwrite of files in unintended situations using the WORM vfs\nmodule, installing CA certificates over http without verification when\nauto-enrollment GPO is enabled, denial of service or remote code\nexecution.\n\nFor the oldstable distribution (bookworm), these problems have been\nfixed in version 2:4.17.12+dfsg-0+deb12u4.\n\nFor the stable distribution (trixie), these problems have been fixed in\nversion 2:4.22.8+dfsg-0+deb13u2.\n\nWe recommend that you upgrade your samba packages.\n\nFor the detailed security status of samba please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/samba\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "creation_timestamp": "2026-05-26T14:33:00.802229+00:00", "timestamp": "2026-05-26T14:33:00.802229+00:00", "related_vulnerabilities": ["CVE-2026-1933", "CVE-2026-2340", "CVE-2026-4480", "CVE-2026-4408", "CVE-2026-3238", "CVE-2026-3012"], "author": {"login": "adulau", "name": "Alexandre Dulaunoy", "uuid": "c933734a-9be8-4142-889e-26e95c752803"}}