CVE-2026-1933— Samba: missing access check on reparse point operations
Affected Version Matrix 7
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | any | affected |
| Red Hat | Red Hat Enterprise Linux 6 | any | unknown |
any | unknown | ||
| Red Hat | Red Hat Enterprise Linux 7 | any | affected |
| Red Hat | Red Hat Enterprise Linux 8 | any | affected |
| Red Hat | Red Hat Enterprise Linux 9 | any | affected |
| Red Hat | Red Hat OpenShift Container Platform 4 | any | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-1933
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Samba: missing access check on reparse point operations
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
访问控制不恰当
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 6 | - | cpe:/o:redhat:enterprise_linux:6 | |
| Red Hat | Red Hat Enterprise Linux 6 | - | cpe:/o:redhat:enterprise_linux:6 | |
| Red Hat | Red Hat Enterprise Linux 7 | - | cpe:/o:redhat:enterprise_linux:7 | |
| Red Hat | Red Hat Enterprise Linux 8 | - | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 | |
| Red Hat | Red Hat OpenShift Container Platform 4 | - | cpe:/a:redhat:openshift:4 |
II. Public POCs for CVE-2026-1933
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-1933
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-1933 (1)
Vendor Advisories for CVE-2026-1933 (1)
- 🔗 2447317 – (CVE-2026-1933) CVE-2026-1933 samba: Missing access check on reparse point operations Read full article issue-trackingx_refsource_REDHAT
Other References for CVE-2026-1933 (1)
Same Patch Batch · Red Hat · 2026-05-27 · 5 CVEs total
| CVE-2026-3012 | 8.0 HIGH | Samba: group policy certificate enrollment uses http:// without validation |
| CVE-2026-9704 | 6.8 MEDIUM | Keycloak: keycloak: privilege escalation due to oversized subject_token jwt |
| CVE-2026-2340 | 6.5 MEDIUM | Samba: vfs_worm does not block directory modification |
| CVE-2026-9689 | 4.2 MEDIUM | Keycloak: org.keycloak.protocol.oidc: http parameter pollution in oidc redirect uri allows |
IV. Related Vulnerabilities
Same product: Red Hat Enterprise Linux 10
- CVE-2026-2340
Samba: vfs_worm does not block directory modification - CVE-2026-3012
Samba: group policy certificate enrollment uses http:// with - CVE-2026-4480
Samba: samba: remote code execution in printing subsystem vi - CVE-2026-9149
Libsolv: heap buffer overflow in libsolv repo_add_solv via n - CVE-2026-9150
Libsolv: stack-based buffer overflow in libsolv's debian met
Same vendor: Red Hat
- CVE-2026-9704
Keycloak: keycloak: privilege escalation due to oversized su - CVE-2026-2340
Samba: vfs_worm does not block directory modification - CVE-2026-9689
Keycloak: org.keycloak.protocol.oidc: http parameter polluti - CVE-2026-3012
Samba: group policy certificate enrollment uses http:// with - CVE-2026-42013
Gnutls: gnutls: certificate validation bypass due to oversiz
Same weakness: CWE-284
- CVE-2026-46416
Microsoft UFO shared WebSocket handler state causes cross-cl - CVE-2026-47269
pam_usb: deny_remote feature incorrectly classifies IPv4-map - CVE-2026-48906
Extension - tassos.gr - Arbitrary File Deletion in Novarain/ - CVE-2026-49002
Broken Access Control Vulnerabily in ZTE ZXUniPOS NDS-LTE pr - CVE-2026-41704
Compromised VM can make arbitrary blobstore deletes
V. Comments for CVE-2026-1933
No comments yet