Critical Samba Flaw Lets Attackers Take Over Systems Without Logging In
Critical Samba vulnerability CVE-2026-4480 allows remote code execution on Unix systems. Patch now or remove %J from smb.conf for safety.
By Content Team
A maximum-severity vulnerability in Samba's printing subsystem — CVE-2026-4480, CVSS 10.0 — lets unauthenticated attackers run arbitrary commands on affected Linux and Unix systems. The flaw lives in the %J substitution parameter used in print commands, which passes client-controlled input directly into a shell without escaping special characters. Since many Samba setups allow guest print job submissions by default, no credentials are needed to exploit it.
Patches are out: Samba versions 4.22.10, 4.23.8, and 4.24.3 fix the issue. Systems using printing = cups or iprint aren't affected. If patching isn't immediate, removing %J from your smb.conf print command is the safest workaround.
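To check a host for the configuration described above, the following added example (not code from Samba or from the original article) scans smb.conf text for a print command that still contains %J while the effective printing backend is not cups or iprint. The function names and the sample configuration are constructed for illustration; the scan does not follow include directives and treats an unset printing value as not exempt.

```python
import re

SAFE_BACKENDS = {"cups", "iprint"}  # backends the article lists as unaffected
# Constructed sample smb.conf, not taken from any real host.
SAMPLE = r"""
[global]
    printing = bsd
    ; print command = lpr -J '%J' %s
[printers]
    printable = yes
    Print Command = lpr -r -P'%p' \
        -J '%J' %s
[cups_share]
    printable = yes
    printing = CUPS
    print command = lpr -J '%J' %s
"""

def parse_smb_conf(text):
    """Return {section: {param: value}}; names are lowercased, spaces removed."""
    sections, current, pending = {}, None, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.endswith("\\"):
            pending = line[:-1]  # backslash continues onto the next line
        elif line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[re.sub(r"\s+", "", key).lower()] = value.strip()
    return sections

def find_exposed_print_commands(text):
    """List (section, command) where %J is used outside cups/iprint printing."""
    sections = parse_smb_conf(text)
    glob, findings = sections.get("global", {}), []
    for name, params in sections.items():
        eff = {**glob, **params}  # share-level values override [global]
        cmd = eff.get("printcommand", "")
        # Shares that override neither setting match the [global] result.
        own = name == "global" or params.keys() & {"printcommand", "printing"}
        # Assumption: an unset "printing" value is not treated as exempt.
        backend = eff.get("printing", "").lower()
        if own and "%J" in cmd and backend not in SAFE_BACKENDS:
            findings.append((name, cmd))
    return findings

if __name__ == "__main__":
    print(find_exposed_print_commands(SAMPLE))
```

Feeding it the output of testparm -s instead of the raw file checks the configuration as Samba loads it rather than a single file on disk.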
Source: Cybersecurity News