CVE-2026-4480 – Red Hat Enterprise Linux 10 – Samba

CVSS 9 CRITICAL

“A command injection weakness in a core operating system can quickly become a path to remote compromise.”

Red Hat released a patch for a high-severity vulnerability affecting Red Hat Enterprise Linux 10. CVE-2026-4480 has a CVSS score of 8.5, which is High severity.

The vulnerability affects the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the “print command” setting via the “%J” substitution character without escaping shell metacharacters. A remote attacker could exploit this vulnerability by sending a print job whose description contains unescaped shell characters. Successful exploitation could lead to remote code execution on the affected system. The update strengthens input validation and command execution protections to reduce exposure.
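A defender's check for the configuration described above, as an added example that is not part of the advisory or of Samba's or Red Hat's code: it scans smb.conf text for "print command" values that reference %J. The sample configuration, share names, script path and function name are constructed for illustration.

```python
import re

# Constructed sample smb.conf for illustration (not taken from the advisory).
SAMPLE_SMB_CONF = """\
[global]
   printing = bsd
   ; print command = lpr -J '%J' %s

[legacy_printer]
   printable = yes
   Print Command = /usr/local/bin/spool.sh \\
        -t "%J" -f %s

[safe_printer]
   printable = yes
   printcommand = lpr -r -P%p %s
"""

def find_job_name_print_commands(conf_text):
    """Return [(section, value)] for each 'print command' that uses %J."""
    # Join lines that end in a backslash into one logical line.
    logical, pending = [], ""
    for raw in conf_text.splitlines():
        if raw.rstrip().endswith("\\"):
            pending += raw.rstrip()[:-1] + " "
            continue
        logical.append(pending + raw)
        pending = ""
    if pending:
        logical.append(pending)
    findings, section = [], "(none)"
    for line in logical:
        line = line.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        m = re.fullmatch(r"\[(.*)\]", line)
        if m:
            section = m.group(1).strip()
            continue
        name, sep, value = line.partition("=")
        # smb.conf parameter names ignore case and whitespace; %J is case-sensitive.
        if sep and re.sub(r"\s+", "", name).lower() == "printcommand" and "%J" in value:
            findings.append((section, " ".join(value.split())))
    return findings

if __name__ == "__main__":
    for section, value in find_job_name_print_commands(SAMPLE_SMB_CONF):
        print(f"[{section}] print command uses %J: {value}")
```

The function reads only the text it is given and does not follow include directives, so each included file has to be checked as well.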

Key Details

Affected Product: Red Hat OpenShift Container Platform
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
CWE Classification: CWE-78