CVE-2025-66003

Published: Jan 8, 2026

Modified: Jan 8, 2026

PUBLISHED

Description

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5.

Vendor	Product	Versions
https://github.com/KDE/	smb4k	affected `? - < 4.0.5`

Weaknesses (CWE)

CWE-73

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66003

https://security.opensuse.org/2025/12/10/smb4k-major-issues-in-kauth-helper.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-66003

Description

Affected Products

Weaknesses (CWE)

References