What is GHSA-59rx-q76w-hqrw?

GHSA-59rx-q76w-hqrw is a security advisory published by GitHub Security Advisories with High severity. A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...

Which CVE IDs does GHSA-59rx-q76w-hqrw cover?

GHSA-59rx-q76w-hqrw covers the following CVE IDs: CVE-2026-3012. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-59rx-q76w-hqrw?

GHSA-59rx-q76w-hqrw has a CVSS v3 base score of 8.0, published by GitHub Security Advisories.

GHSA-59rx-q76w-hqrwHighCVSS 8.0

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 27, 2026

🔗 CVE IDs covered (1)

CVE-2026-3012 →

📋 Description

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-3012
https://access.redhat.com/security/cve/CVE-2026-3012
https://bugzilla.redhat.com/show_bug.cgi?id=2447319
https://bugzilla.samba.org/show_bug.cgi?id=16003
https://github.com/advisories/GHSA-59rx-q76w-hqrw