Sambas vfs_worm Rename Bypass Enables Overwrite of WORM Files
CVE-2026-2340 Published on May 27, 2026

Samba: vfs_worm does not block directory modification
A flaw was found in Sambas vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share could overwrite a protected file by renaming a newly created file over the existing WORM-protected file.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-2340 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

NONE

Timeline

2026-03-13

Reported to Red Hat.

2026-05-27

Made public. 75 days later.

Weakness Type

Improper Handling of Insufficient Permissions or Privileges

The application does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the application in an invalid state.

Products Associated with CVE-2026-2340

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-2340 are published in these products:

Canonical Ubuntu Linux

Red Hat Enterprise Linux (RHEL)

Red Hat Openshift

Red Hat Rhel Eus

Affected Versions

Red Hat Enterprise Linux 10:

Version 0:4.23.5-109.el10_2 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:4.19.4-16.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:4.19.4-16.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:4.23.5-10.el9_8 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:4.23.5-10.el9_8 and below * is unaffected.

Red Hat Enterprise Linux 9.6 Extended Update Support:

Version 0:4.21.3-14.el9_6.1 and below * is unaffected.

Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7: Red Hat OpenShift Container Platform 4:

Exploit Probability

EPSS

0.47%

Percentile

36.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Sambas vfs_worm Rename Bypass Enables Overwrite of WORM FilesCVE-2026-2340 Published on May 27, 2026

Vulnerability Analysis

Timeline

Weakness Type

Improper Handling of Insufficient Permissions or Privileges

Products Associated with CVE-2026-2340

Affected Versions

Exploit Probability

Sambas vfs_worm Rename Bypass Enables Overwrite of WORM Files
CVE-2026-2340 Published on May 27, 2026