Red Hat Product Security issued a critical advisory (RHSA-2026:22963) for Samba in Red Hat Enterprise Linux 10, addressing six vulnerabilities: CVE-2026-1933 (missing access check on reparse point operations), CVE-2026-2340 (vfs_worm does not block directory modification), CVE-2026-3012 (group policy certificate enrollment uses HTTP without validation), CVE-2026-4480 (remote code execution in printing subsystem via unescaped job description), CVE-2026-4408 (remote code execution in SAMR), and CVE-2026-40170 (denial of service via stack buffer overflow in ngtcp2 during QUIC handshake). The advisory provides updated Samba packages for multiple architectures and variants of Red Hat Enterprise Linux 10. No CVSS scores are provided in the advisory, but the overall severity is rated critical by Red Hat.

The vulnerabilities collectively allow for unauthorized access, remote code execution, and denial of service conditions in affected Samba components. Missing access checks and improper validation can lead to privilege escalation or unauthorized modifications. Remote code execution flaws in the printing subsystem and SAMR interface could allow attackers to execute arbitrary code remotely. The denial of service vulnerability in ngtcp2 could disrupt network communications using QUIC. These impacts pose significant risks to systems running affected versions of Red Hat Enterprise Linux 10.

Red Hat has released updated Samba packages for Red Hat Enterprise Linux 10 that address all listed vulnerabilities. Users should apply these official patches promptly by following Red Hat's update instructions at https://access.redhat.com/articles/11258. Since this is an on-premises product, remediation requires manual update by system administrators. No indication of exploits in the wild is reported, but the critical severity rating warrants timely patching.