{"vulnerability": "CVE-2026-4408", "sightings": [{"uuid": "831f2703-3e94-40a3-8518-aa7661932cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-44088", "type": "seen", "source": "https://cert.pl/en/posts/2026/05/CVE-2026-44088", "content": "", "creation_timestamp": "2026-05-15T03:55:00.000000Z"}, {"uuid": "03689b06-7740-47a1-8b1d-b4a99e4368f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mmsfyl27rh2e", "content": "6/9\n\nhttps://www.cve.org/CVERecord?id=CVE-2026-3238\n    https://www.cve.org/CVERecord?id=CVE-2026-4408\n    https://www.cve.org/CVERecord?id=CVE-2026-4480\n    https://www.samba.org/samba/security/CVE-2026-1933.html\n    https://www.samba.org/samba/security/CVE-2026-2340.html", "creation_timestamp": "2026-05-27T02:01:28.963188Z"}, {"uuid": "3066886c-b60a-46f4-8794-68a2208de792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44088", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlv7x6j6yd2e", "content": "CVE-2026-44088 - Remote Code Execution in SzafirHost\nCVE ID : CVE-2026-44088\n \n Published : May 15, 2026, 9:16 a.m. | 50\u00a0minutes ago\n \n Description : SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream (reading from the beginning of the file...", "creation_timestamp": "2026-05-15T11:26:05.212762Z"}, {"uuid": "e8acf771-14ca-4d05-9cfb-9de61835da40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/ef598036-eda2-4311-807e-ebbdfb04a51d", "content": "", "creation_timestamp": "2026-05-26T14:33:00.800801Z"}, {"uuid": "c423e86c-8cda-4c94-b662-9d80c288651c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://bsky.app/profile/slackers.it/post/3mmsfym7jpe2x", "content": "7/9\n\nhttps://www.samba.org/samba/security/CVE-2026-3012.html\n    https://www.samba.org/samba/security/CVE-2026-3238.html\n    https://www.samba.org/samba/security/CVE-2026-4408.html\n    https://www.samba.org/samba/security/CVE-2026-4480.html\n  (* Security fix *)", "creation_timestamp": "2026-05-27T02:01:30.815945Z"}, {"uuid": "b2809583-c250-4d48-a77d-f76f0677dc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://www.acn.gov.it/portale/w/nuove-vulnerabilita-in-samba", "content": "", "creation_timestamp": "2026-05-27T02:24:19.000000Z"}, {"uuid": "d6d3e9ce-9785-4370-aa3e-801fc045966c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4rm6nz2c", "content": "\ud83d\udd17 CVE : CVE-2026-1933, CVE-2026-2340, CVE-2026-3012, CVE-2026-3238, CVE-2026-4408, CVE-2026-4480, CVE-2026-1933, CVE-2026-2340, CVE-2026-3012, CVE-2026-3238, CVE-2026-4408, CVE-2026-4480", "creation_timestamp": "2026-05-27T14:35:22.500167Z"}, {"uuid": "fd5aab4d-8d84-47c8-8847-6bc111953846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4408", "type": "seen", "source": "https://t.me/bdufstecru/3200", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 check password script \u043c\u043e\u0434\u0443\u043b\u044f DCE/RPC SAMR server \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Samba \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 %u. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e RPC-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\n\nBDU:2026-07316\nCVE-2026-4408\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Samba:\nhttps://www.samba.org/samba/security/CVE-2026-4408.html\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2026-4408\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u0430 \u043f\u043e\u0434\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 %u \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0430\u0440\u043e\u043b\u044f (\u043f\u0440\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0441\u0438\u043c\u0432\u043e\u043b %u \u0432 \u043e\u0434\u0438\u043d\u0430\u0440\u043d\u044b\u0435 \u043a\u0430\u0432\u044b\u0447\u043a\u0438);\n- \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043b\u0443\u0436\u0431\u044b samba-dcerpcd \u043a\u0430\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 rpc start on demand helpers \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (yes));\n- \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438\u0437 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b SAMBA_CPS_ACCOUNT_NAME.", "creation_timestamp": "2026-05-27T14:39:25.000000Z"}]}