BeyondMachines for BeyondMachines

Originally published at beyondmachines.net

Critical Samba Printing Vulnerability Enables Remote Code Execution

Summary

Samba patched a critical remote code execution vulnerability (CVE-2026-4480) in its printing subsystem caused by improper sanitization of the %J substitution parameter. The flaw allows unauthenticated attackers to run arbitrary shell commands by submitting crafted print job descriptions.

Take Action:

If you run Samba file/print servers, immediately upgrade to version 4.22.10, 4.23.8, or 4.24.3 to patch CVE-2026-4480. As a quick fix, remove the %J parameter from the "print command" line in your smb.conf file. Also disable guest access to printing, and make sure your Samba servers are reachable only from trusted internal networks, never directly from the internet.
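To check a server against the two configuration points above, the following added example (not from the original article or the Samba project) audits smb.conf text for a "print command" containing %J and for printable shares that allow guest access. It assumes a simplified parser that does not follow `include` directives, and the sample configuration is constructed for illustration.

```python
import re

# Constructed sample smb.conf, for illustration only.
SAMPLE = """\
[global]
   guest ok = no
   print command = lpr -r -P'%p' -J'%J' %s

[printers]
   printable = yes
   public = yes

[office]
   print ok = yes
   print command = lpr -r -P'%p' %s
"""

# smb.conf synonyms folded onto one canonical key (whitespace already removed).
SYNONYMS = {"public": "guestok", "printok": "printable"}
TRUE = {"yes", "true", "1", "on"}

def parse_smb_conf(text):
    """Return {section: {param: value}}; names are lowercased, whitespace dropped."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join backslash-continued lines
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # comments start the line
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            name, value = line.split("=", 1)
            key = "".join(name.split()).lower()
            current[SYNONYMS.get(key, key)] = value.strip()
    return sections

def audit(text):
    """List (section, issue) pairs for the two conditions the advisory names."""
    conf = parse_smb_conf(text)
    glob, findings = conf.get("global", {}), []
    for name, own in conf.items():
        if "%J" in own.get("printcommand", ""):  # case-sensitive match on %J
            findings.append((name, "print command uses %J"))
        eff = {**glob, **own}  # share settings override [global] defaults
        printable = name == "printers" or eff.get("printable", "no").lower() in TRUE
        if name != "global" and printable and eff.get("guestok", "no").lower() in TRUE:
            findings.append((name, "guest access allowed on printable share"))
    return findings

if __name__ == "__main__":
    for section, issue in audit(SAMPLE):
        print(f"[{section}] {issue}")
```

Run `audit()` on the contents of the server's own smb.conf; an empty list means neither condition was found in the parsed file.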

