CVE-2026-1933
Status: Modified - Updated After Analysis
Samba NTFS Reparse Point Write Access Bypass

Publication date: 2026-05-27

Last updated on: 2026-06-15

Assigner: Red Hat, Inc.

Description
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types.

Meta Information
Published: 2026-05-27
Last Modified: 2026-06-15
Generated: 2026-06-16
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 6 associated CPEs
Vendor    Product                         Version / Range
redhat    enterprise_linux                7.0
redhat    enterprise_linux                8.0
redhat    openshift_container_platform    4.0
redhat    enterprise_linux                9.0
redhat    enterprise_linux                10.0
samba     samba                           From 4.1.0 (inc) to 4.2.2 (exc)
CWE
CWE ID: CWE-284
Description: The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability exists in Samba's handling of NTFS-style reparse points on shares that are configured as read-only. Due to missing access checks at the SMB protocol layer, authenticated users who have write permissions on the underlying filesystem can create or delete reparse point metadata through SMB operations, even though the share is marked as read-only.

This flaw allows modification of how files appear and behave over SMB, such as converting regular files into symbolic links or other types of reparse points, potentially leading to unauthorized file behavior changes.

Impact Analysis

The vulnerability allows authenticated users with write permissions on the underlying filesystem to manipulate file metadata on supposedly read-only Samba shares.

  • They could modify SMB-visible file behavior, such as turning files into symbolic links or other reparse point types.
  • This could lead to unauthorized changes in file access or behavior, potentially enabling privilege escalation or bypassing security controls.
  • Since the vulnerability has a CVSS base score of 7.1 with impact on integrity and availability, it represents a high severity risk.

Mitigation Strategies

To mitigate this vulnerability, it is important to apply the official patches or updates provided by Samba as soon as they become available.

Since the vulnerability allows authenticated users with underlying filesystem write permissions to manipulate reparse points even on read-only shares, restricting write permissions on the underlying filesystem and reviewing share configurations can help reduce risk.

Monitoring Samba security advisories and Bugzilla reports for updates and recommended fixes is also advised.
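
One way to carry out the share review described above, as an added example that is not part of the original page or of Samba's own tooling: it resolves each share's effective read only setting (including the inverted synonyms writeable, writable and write ok) and lists read-only shares whose root directory is group- or world-writable. It assumes plain mode bits (no POSIX ACLs), checks only the share root, and ignores include directives; the function names are hypothetical.

```python
import os
import stat

TRUE = {"yes", "true", "on", "1"}
INVERTED = ("writeable", "writable", "writeok")  # inverted synonyms of "read only"

def parse_smb_conf(text):
    """Minimal smb.conf reader: names are case- and whitespace-insensitive."""
    sections, cur = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            cur = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and cur is not None:
            key, value = line.split("=", 1)
            cur["".join(key.lower().split())] = value.strip()
    return sections

def is_read_only(opts, default):
    if "readonly" in opts:
        return opts["readonly"].lower() in TRUE
    for key in INVERTED:
        if key in opts:
            return opts[key].lower() not in TRUE
    return default

def audit_read_only_shares(text):
    """Return (share, path, mode) for read-only shares with a group/other-writable root."""
    sections = parse_smb_conf(text)
    default_ro = is_read_only(sections.get("global", {}), True)  # Samba default: read only = yes
    findings = []
    for name, opts in sections.items():
        path = opts.get("path")
        if name == "global" or not path or not is_read_only(opts, default_ro):
            continue
        try:
            mode = os.stat(path).st_mode
        except OSError:
            continue  # path missing or unreadable: nothing to assess here
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((name, path, oct(stat.S_IMODE(mode))))
    return findings

if __name__ == "__main__":
    import tempfile
    root = tempfile.mkdtemp()  # constructed sample: one world-writable share root
    os.chmod(root, 0o777)
    print(audit_read_only_shares(f"[docs]\npath = {root}\nRead Only = Yes\n"))
```

Shares it reports are the ones where the read only setting is the only barrier, so they are the first candidates for tightening filesystem permissions.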
