CVE-2026-52911

HIGHPre-NVD 8.88.8
EchelonGraph scoreHIGH confidence

Score 8.8 from GitHub Security Advisory (severity: HIGH) published 2026-06-21. a secondary CVSS source baseline 8.8; sources differ by 0.0.

Triggered by: GitHub Security Advisory CVSS
Sources: epss, ghsa, secondary
Trending — 3 sources updated this week
8.8
EchelonGraph verdictPlan a fixSerious severity, but no confirmed exploitation yet.
  • High severity, but no confirmed exploitation yet
CISA-KEV: Not listedEPSS: 0%CVSS: 8.8Exploit: NoneExposed: 0

No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: scope conn->binding slowpath to bound sessions only

When the binding SESSION_SETUP sets conn->binding = true, the flag stays set after the call so that the global session lookup in ksmbd_session_lookup_all() can find the session, which was not added to conn->sessions. Because the flag is connection-wide, the global lookup path will also resolve any other session by id if asked.

Tighten the global lookup so that the returned session must have this connection registered in its channel xarray (sess->ksmbd_chann_list). The channel entry is installed by the existing binding_session path in ntlm_authenticate()/krb5_authenticate() when a SESSION_SETUP completes successfully, so this condition is a strict equivalent of "this connection has been accepted as a channel of this session". Connections that have not bound to a given session cannot reach it via the global table.

The existing conn->binding gate for entering the slowpath is preserved so that non-binding connections keep the fast-path-only behavior, and the session->state check is unchanged.

CVSS v3
8.8
EG Score
8.8(high)
EPSS
28.3%
KEV
Not listed

Published

June 21, 2026

Last Modified

June 28, 2026

Advisory Details (7)

Auto-updated Jun 28, 2026
No patch confirmed yet.
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/e74c00c6af428a39e564cdc5bd3a3648c6d8de87
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/e3a93ce6e25757b8f375e38b8f91e1d9da4edc1a
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/b0da97c034b6107d14e537e212d4ce8b22109a58
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/974c1c224e85549dc3459f3bb2255bbbdd2b9372
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/2cc8a4db633b10715450b291c1343859a4b2c509
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/1ff46c9915c1cbf454db58a8cb87f7cac818e6a6
generic

ksmbd: scope conn->binding slowpath to bound sessions only - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/1e2bec062c5c9ec282636715166056d0998d746d

Vendor Advisories for CVE-2026-52911(2)

These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.

Data Freshness Timeline

(refreshed 36× in last 7d / 56× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

  1. 2026-07-07 01:36 UTCEG score recompute
  2. 2026-07-07 01:36 UTCGHSA enrichment
  3. 2026-07-06 16:27 UTCEPSS rescore
  4. 2026-07-06 16:27 UTCEPSS rescore
  5. 2026-07-06 13:34 UTCEG score recompute
  6. 2026-07-06 13:33 UTCGHSA enrichment
  7. 2026-07-06 02:23 UTCEPSS rescore
  8. 2026-07-06 02:23 UTCEPSS rescore
  9. 2026-07-06 01:26 UTCEG score recompute
  10. 2026-07-06 01:26 UTCGHSA enrichment
  11. 2026-07-05 13:24 UTCEG score recompute
  12. 2026-07-05 13:24 UTCGHSA enrichment
  13. 2026-07-05 02:30 UTCEPSS rescore
  14. 2026-07-05 01:22 UTCEG score recompute
  15. 2026-07-05 01:22 UTCGHSA enrichment
  16. 2026-07-04 13:20 UTCEG score recompute
  17. 2026-07-04 13:20 UTCGHSA enrichment
  18. 2026-07-04 06:31 UTCEPSS rescore
  19. 2026-07-04 01:17 UTCEG score recompute
  20. 2026-07-04 01:17 UTCGHSA enrichment
  21. 2026-07-03 13:14 UTCEG score recompute
  22. 2026-07-03 13:14 UTCGHSA enrichment
  23. 2026-07-03 01:11 UTCEG score recompute
  24. 2026-07-03 01:11 UTCGHSA enrichment
  25. 2026-07-02 13:09 UTCEG score recompute
Show 31 more
  1. 2026-07-02 13:09 UTCGHSA enrichment
  2. 2026-07-02 01:03 UTCEG score recompute
  3. 2026-07-02 01:03 UTCGHSA enrichment
  4. 2026-07-01 15:07 UTCEPSS rescore
  5. 2026-07-01 13:00 UTCEG score recompute
  6. 2026-07-01 13:00 UTCGHSA enrichment
  7. 2026-07-01 00:56 UTCEG score recompute
  8. 2026-07-01 00:56 UTCGHSA enrichment
  9. 2026-06-30 23:22 UTCEPSS rescore
  10. 2026-06-30 12:54 UTCEG score recompute
  11. 2026-06-30 12:54 UTCGHSA enrichment
  12. 2026-06-30 00:52 UTCEG score recompute
  13. 2026-06-30 00:52 UTCGHSA enrichment
  14. 2026-06-29 14:06 UTCEPSS rescore
  15. 2026-06-29 14:06 UTCEPSS rescore
  16. 2026-06-29 12:51 UTCEG score recompute 8.80
  17. 2026-06-29 12:51 UTCGHSA enrichment
  18. 2026-06-28 14:07 UTCEPSS rescore
  19. 2026-06-28 07:52 UTCMITRE cvelistV5CVSS v3 → 8.8 · severity → HIGH
  20. 2026-06-28 04:56 UTCEPSS rescore
  21. 2026-06-28 04:56 UTCEPSS rescore
  22. 2026-06-27 03:08 UTCEPSS rescore
  23. 2026-06-26 19:35 UTCGHSA enrichment
  24. 2026-06-25 13:49 UTCEPSS rescore
  25. 2026-06-24 14:05 UTCEPSS rescore
  26. 2026-06-24 02:20 UTCEG score recompute
  27. 2026-06-24 02:20 UTCGHSA enrichment
  28. 2026-06-23 21:33 UTCEPSS rescore
  29. 2026-06-23 21:33 UTCEPSS rescore
  30. 2026-06-21 09:03 UTCEG score recompute
  31. 2026-06-21 09:03 UTCNVD updatefirst tracked

Frequently asked(5)

What is CVE-2026-52911?
CVE-2026-52911 is a high vulnerability published on June 21, 2026. In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn->binding slowpath to bound sessions only When the binding SESSION_SETUP sets conn->binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookup_all() can find the…
When was CVE-2026-52911 disclosed?
CVE-2026-52911 was first published in the National Vulnerability Database on June 21, 2026, with the most recent update on June 28, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.
Is CVE-2026-52911 actively exploited?
CVE-2026-52911 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 28.3% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.
What is the CVSS score of CVE-2026-52911?
CVE-2026-52911 has a CVSS v3 base score of 8.8 (NVD).
How do I remediate CVE-2026-52911?
Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2026-52911, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2026-52911

Explore →

Is Your Infrastructure Affected by CVE-2026-52911?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.