A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.
https://www.samba.org/samba/security/CVE-2025-0620.html
https://bugzilla.redhat.com/show_bug.cgi?id=2370453