A maximum-severity vulnerability in Samba's printing subsystem — CVE-2026-4480, CVSS 10.0 — lets unauthenticated attackers run arbitrary commands on affected Linux and Unix systems. The flaw lives in the %J substitution parameter used in print commands, which passes client-controlled input directly into a shell without escaping special characters. Since many Samba setups allow guest print job submissions by default, no credentials are needed to exploit it.
Patches are available: Samba versions 4.22.10, 4.23.8, and 4.24.3 fix the issue. Systems configured with printing = cups or printing = iprint aren't affected. If you can't patch immediately, removing %J from the print command in your smb.conf is the safest workaround.
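A defender-side check for the workaround above, as an added example that is not from Samba or the original article: it parses smb.conf text and reports sections whose print command still contains %J while the printing backend is not cups or iprint. The function names and sample configuration are constructed for illustration, and an unset printing backend is treated here as potentially affected (an assumption).

```python
UNAFFECTED = {"cups", "iprint"}  # backends the article lists as not affected

def parse_smb_conf(text):
    """Parse smb.conf-style text into {section: {param: value}}."""
    sections, current, pending = {"global": {}}, "global", ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):          # trailing backslash continues the line
            pending = line[:-1]
            continue
        pending = ""
        if not line or line[0] in "#;":  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        name, sep, value = line.partition("=")
        if sep:  # parameter names ignore case and whitespace
            key = "".join(name.split()).lower()
            sections[current][key] = value.strip()
    return sections

def find_exposed_print_commands(text):
    """Return [(section, print_command)] where %J is still in the command."""
    sections = parse_smb_conf(text)
    base = sections["global"]
    findings = []
    for name, params in sections.items():
        if name != "global" and not (params.keys() & {"printcommand", "printing"}):
            continue  # share changes nothing print-related
        effective = {**base, **params}   # share settings override [global]
        command = effective.get("printcommand", "")
        backend = effective.get("printing", "").lower()
        if "%J" in command and backend not in UNAFFECTED:  # %J is case-sensitive
            findings.append((name, command))
    return findings

# Constructed sample configuration, not taken from a real system.
SAMPLE = r"""
[global]
   printing = bsd
[legacy]
   print command = lpr -P%p -J %J \
      -r %s
[viacups]
   printing = cups
   Print Command = lpr -J %J %s
"""
```

Run `find_exposed_print_commands()` on the contents of each smb.conf in your fleet; any section it returns still needs %J removed from its print command or a patched Samba build.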
Source: Cybersecurity News