PT-2026-43256 · Samba+2

Arjun Basnet +2 · Published 2026-05-26 · Updated 2026-06-06 · CVE-2026-4480

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Samba versions prior to 4.22.10
Samba versions prior to 4.23.8
Samba versions prior to 4.24.3

Description

A flaw exists in the Samba printing subsystem: the software passes a client-controlled job description string to the command configured in the "print command" setting through the %J substitution character. Because shell metacharacters in that string are not properly escaped, a remote unauthenticated attacker can send a specially crafted print job description containing unescaped shell characters to execute arbitrary code on the affected system.

Recommendations

Update to version 4.22.10.
Update to version 4.23.8.
Update to version 4.24.3.
As a temporary workaround, remove %J from the "print command" configurations in the smb.conf file.
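
To apply the workaround you first need to know which shares still reference %J. The following check is an added example, not part of the advisory or of Samba: it scans smb.conf text and reports each section whose "print command" contains %J. The function name and the sample configuration are constructed for illustration.

```python
import re

def find_unsafe_print_commands(conf_text):
    """Return [(section, value)] for every 'print command' that uses %J."""
    findings = []
    section = "(none)"   # label for parameters that precede any [section]
    pending = ""         # text carried over from a backslash-continued line
    for raw in conf_text.splitlines():
        stripped = raw.strip()
        # Skip blanks and comments, but never swallow a continued value.
        if not pending and (not stripped or stripped[0] in "#;"):
            continue
        line = pending + stripped
        pending = ""
        if line.endswith("\\"):              # smb.conf line continuation
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        name, sep, value = line.partition("=")   # only the first '=' counts
        if not sep:
            continue
        # Parameter names are case-insensitive and ignore whitespace.
        if re.sub(r"\s+", "", name).lower() == "printcommand" and "%J" in value:
            findings.append((section, value.strip()))
    return findings

# Constructed sample, not taken from any real system.
SAMPLE_CONF = r"""
[global]
   printing = bsd
; print command = lpr -J '%J' %s
[laser]
   printable = yes
   Print Command = lpr -r -P%p \
       -J '%J' %s
[plotter]
   printable = yes
   print command = lpr -r -P%p %s
"""

if __name__ == "__main__":
    for section, value in find_unsafe_print_commands(SAMPLE_CONF):
        print(f"[{section}] print command still uses %J: {value}")
```

The check does not follow include directives; running it on the output of `testparm -s` instead of the raw file covers settings that come from included files.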

Fix

RCE

OS Command Injection

Weakness Enumeration

Related Identifiers

ALSA-2026:22644
ALSA-2026:22963
BDU:2026-07317
CVE-2026-4480
ECHO-A229-4B9E-B030
OPENSUSE-SU-2026:10884-1
USN-8306-1

Affected Products

Linuxmint
Samba
Ubuntu