Metrics
Affected Vendors & Products
Thu, 02 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:openshift:4.19::el9 | |
| References |
|
Tue, 30 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:openshift:4.20::el9 | |
| References |
|
Tue, 30 Jun 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:openshift:4.21::el9 | |
| References |
|
Tue, 23 Jun 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat rhel Els
|
|
| CPEs | cpe:/a:redhat:rhel_e4s:9.4::appstream cpe:/a:redhat:rhel_e4s:9.4::resilientstorage cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:rhel_e4s:9.4::baseos cpe:/o:redhat:rhel_els:7 |
|
| Vendors & Products |
Redhat rhel Els
|
|
| References |
|
Tue, 23 Jun 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat enterprise Linux Eus
Redhat rhel E4s Redhat rhel Tus |
|
| CPEs | cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/a:redhat:rhel_e4s:9.2::resilientstorage cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:enterprise_linux_eus:10.0 cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_e4s:9.2::baseos cpe:/o:redhat:rhel_tus:8.8::baseos |
|
| Vendors & Products |
Redhat enterprise Linux Eus
Redhat rhel E4s Redhat rhel Tus |
|
| References |
|
Tue, 23 Jun 2026 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat rhel Aus
Redhat rhel Eus Long Life |
|
| CPEs | cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/o:redhat:rhel_eus_long_life:8.6::baseos |
|
| Vendors & Products |
Redhat rhel Aus
Redhat rhel Eus Long Life |
|
| References |
|
Mon, 15 Jun 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat rhel Eus
|
|
| CPEs | cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/a:redhat:rhel_eus:9.6::crb cpe:/a:redhat:rhel_eus:9.6::resilientstorage cpe:/o:redhat:rhel_eus:9.6::baseos |
|
| Vendors & Products |
Redhat rhel Eus
|
|
| References |
|
Wed, 10 Jun 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::resilientstorage cpe:/o:redhat:enterprise_linux:9::baseos |
|
| References |
|
Mon, 08 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
Thu, 04 Jun 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/o:redhat:enterprise_linux:10.2 | |
| References |
|
Wed, 03 Jun 2026 11:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb cpe:/o:redhat:enterprise_linux:8::baseos |
|
| References |
|
Sat, 30 May 2026 23:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat openshift Container Platform
Samba Samba samba |
|
| Vendors & Products |
Redhat openshift Container Platform
Samba Samba samba |
Fri, 29 May 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 28 May 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Thu, 28 May 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service. | |
| Title | Samba: remote code execution in samr | |
| First Time appeared |
Redhat
Redhat enterprise Linux Redhat openshift |
|
| Weaknesses | CWE-78 | |
| CPEs | cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux Redhat openshift |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-03T12:05:02.875Z
Reserved: 2026-03-18T21:40:14.142Z
Link: CVE-2026-4408
Updated: 2026-07-03T12:05:02.875Z
Status : Modified
Published: 2026-05-28T09:16:47.643
Modified: 2026-06-17T10:56:32.163
Link: CVE-2026-4408
OpenCVE Enrichment
Updated: 2026-05-30T21:19:19Z