TrueNAS SCALE | Impact Statements
This section collects TrueNAS impact statements for major security issues. Each document covers a single vulnerability (or closely-related group) and explains the TrueNAS-specific attack surface, risk assessment, mitigations, and fix status.
-
Lodash Vulnerabilities in TrueNAS Web UI (CVE-2026-4800, CVE-2025-13465, CVE-2026-2950):
-
PeditCOW (CVE-2026-46331):
-
SharedFrag (CVE-2026-43503):
-
CIFSwitch (CVE-2026-46243):
-
Samba 4.23.8 Security Release (CVE-2026-1933, -2340, -3012, -3238, -4408, -4480):
-
CVE-2026-31431 (Copy Fail):
-
CVE-2026-43284 and CVE-2026-43500 (Dirty Frag):