248 CVEs

2 in CISA KEV

samba Vulnerabilities

CVE security advisories and vulnerability history for samba.

248

Total CVEs

Published

2

In CISA KEV

Exploited in the wild

35

Public exploits

With known exploit

6.5

Avg CVSS

1999–2026

Overview

samba has 248 published CVE records since 1999, of which 2 are in CISA's Known Exploited Vulnerabilities catalog and 35 have a known public exploit. The average CVSS base score across scored CVEs is 6.5.

This page aggregates every publicly disclosed vulnerability (CVE) affecting samba products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of samba's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical8

High21

Medium50

Low1

168 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

2

2 of samba's CVEs are confirmed exploited in the wild.

Public exploits

35

35 of samba's CVEs have a known public exploit available.

Most affected products

The samba products with the most published CVEs.

samba214 CVEs
debian linux64 CVEs
ubuntu linux60 CVEs
fedora53 CVEs
enterprise linux35 CVEs
rsync24 CVEs
Red Hat Enterprise Linux 921 CVEs
Red Hat Enterprise Linux 821 CVEs

Common weakness types

The CWE weakness categories most often found in samba CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish samba CVE records.

Disclosure activity by year

How many samba CVEs were published each year.

2019

14

2020

15

2021

6

2022

30

2023

19

2024

1

2025

9

2026

8

Latest samba CVEs

The most recently disclosed vulnerabilities affecting samba.

Samba: vfs_worm does not block directory modification
CWE-280
Medium · CVSS 6.5
EPSS 0.0%2026-05-27
Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write
CWE-367
High · CVSS 7.3
EPSS 0.0%2026-05-20
Rsync < 3.4.3 Authorization Bypass via Hostname Resolution
CWE-289
Medium · CVSS 6.3
EPSS 0.0%2026-05-20
Rsync < 3.4.3 Integer Overflow Information Disclosure
CWE-125
High · CVSS 8.1
EPSS 0.1%2026-05-20
Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
CWE-367
High · CVSS 7.2
EPSS 0.0%2026-05-20
Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()
CWE-125
Medium · CVSS 6.9
EPSS 0.0%2026-05-20
Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy
CWE-193
Low · CVSS 3.1
EPSS 0.0%2026-05-20
High vulnerability · 2026-04-16
CWE-130
High · CVSS 7.4
EPSS 0.0%2026-04-16
Samba: command injection in wins server hook script
CWE-78
Critical · CVSS 10.0
EPSS 0.4%2025-11-07
Samba: vfs_streams_xattr uninitialized memory write possible
CWE-908
Medium · CVSS 4.3
EPSS 0.1%2025-10-15
Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session
CWE-552
Medium · CVSS 4.9
EPSS 0.3%2025-06-06
Critical vulnerability · 2025-04-22
CWE-426
Critical · CVSS 9.3
EPSS 0.1%2025-04-22

Track new samba CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor samba CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

artifex259 CVEs isc259 CVEs org.jenkins-ci.main258 CVEs Elastic252 CVEs ABB250 CVEs progress247 CVEs SonicWall246 CVEs wikimedia245 CVEs

Browse all vendors

Frequently asked questions

Common questions about samba vulnerabilities.

How many CVEs does samba have?

samba has 248 published CVE records since 1999, including 17 in the last two years.

How many samba CVEs are in CISA KEV?

Yes — 2 of samba's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which samba products have the most CVEs?

The samba products with the most published CVEs are samba, debian linux, ubuntu linux, fedora, enterprise linux.

What are the most common weakness types in samba CVEs?

samba's CVEs most often map to these CWE weakness types: CWE-125 (Out-of-bounds Read), CWE-20 (Improper Input Validation), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-476 (NULL Pointer Dereference).

Are there public exploits for samba vulnerabilities?

Yes — 35 of samba's CVEs have a known public exploit.

How many critical samba vulnerabilities are there?

samba has 8 critical and 21 high-severity CVEs.

What is the average severity of samba CVEs?

The average CVSS base score across samba's scored CVEs is 6.5.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track samba vulnerabilities

Monitor new samba vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing