vulnerability

Red Hat: CVE-2026-4480: samba: Samba: Remote Code Execution in printing subsystem via unescaped job description (Multiple Advisories)

Name: Red Hat: CVE-2026-4480: samba: Samba: Remote Code Execution in printing subsystem via unescaped job description (Multiple Advisories)
Creator: Red Hat
Published: 2026-05-26T00:00:00.000Z

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:S/C:C/I:C/A:C)

Published

May 26, 2026

Added

Jun 4, 2026

Modified

Jun 5, 2026

Description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J"
substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.

Solutions

redhat-upgrade-ctdbredhat-upgrade-ctdb-debuginforedhat-upgrade-ldb-toolsredhat-upgrade-ldb-tools-debuginforedhat-upgrade-libldbredhat-upgrade-libldb-debuginforedhat-upgrade-libldb-develredhat-upgrade-libnetapiredhat-upgrade-libnetapi-debuginforedhat-upgrade-libnetapi-develredhat-upgrade-libsmbclientredhat-upgrade-libsmbclient-debuginforedhat-upgrade-libsmbclient-develredhat-upgrade-libwbclientredhat-upgrade-libwbclient-debuginforedhat-upgrade-libwbclient-develredhat-upgrade-python3-ldbredhat-upgrade-python3-ldb-debuginforedhat-upgrade-python3-sambaredhat-upgrade-python3-samba-dcredhat-upgrade-python3-samba-dc-debuginforedhat-upgrade-python3-samba-debuginforedhat-upgrade-python3-samba-develredhat-upgrade-python3-samba-testredhat-upgrade-sambaredhat-upgrade-samba-clientredhat-upgrade-samba-client-debuginforedhat-upgrade-samba-client-libsredhat-upgrade-samba-client-libs-debuginforedhat-upgrade-samba-commonredhat-upgrade-samba-common-libsredhat-upgrade-samba-common-libs-debuginforedhat-upgrade-samba-common-toolsredhat-upgrade-samba-common-tools-debuginforedhat-upgrade-samba-dc-libsredhat-upgrade-samba-dc-libs-debuginforedhat-upgrade-samba-dcerpcredhat-upgrade-samba-dcerpc-debuginforedhat-upgrade-samba-debuginforedhat-upgrade-samba-debugsourceredhat-upgrade-samba-develredhat-upgrade-samba-gpupdateredhat-upgrade-samba-krb5-printingredhat-upgrade-samba-krb5-printing-debuginforedhat-upgrade-samba-ldb-ldap-modulesredhat-upgrade-samba-ldb-ldap-modules-debuginforedhat-upgrade-samba-libsredhat-upgrade-samba-libs-debuginforedhat-upgrade-samba-pidlredhat-upgrade-samba-testredhat-upgrade-samba-test-debuginforedhat-upgrade-samba-test-libsredhat-upgrade-samba-test-libs-debuginforedhat-upgrade-samba-toolsredhat-upgrade-samba-usersharesredhat-upgrade-samba-vfs-iouringredhat-upgrade-samba-vfs-iouring-debuginforedhat-upgrade-samba-winbindredhat-upgrade-samba-winbind-clientsredhat-upgrade-samba-winbind-clients-debuginforedhat-upgrade-samba-winbind-debuginforedhat-upgrade-samba-winbind-krb5-locatorredhat-upgrade-samba-winbind-krb5-locator-debuginforedhat-upgrade-samba-winbind-modulesredhat-upgrade-samba-winbind-modules-debuginforedhat-upgrade-samba-winexeredhat-upgrade-samba-winexe-debuginfo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report