What is the CVSS score of CVE-2026-44047?

CVE-2026-44047 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Suse are affected by CVE-2026-44047?

A high-severity SQL injection vulnerability (CVE-2026-44047) in Netatalk 3.1.0 through 4.4.2 permits authenticated remote attackers to directly manipulate the MySQL-backed CNID database that…. A patch is available.

Suse CVE-2026-44047

EUVD-2026-31226 HIGH

SQL Injection (CWE-89)

2026-05-21 securin

GHSA-p2g3-q382-2rhw

SQLi Suse

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 21, 2026 - 08:00 vuln.today

DescriptionNVD

In Netatalk 3.1.0 through 4.4.2, sql injection in mysql cnid backend. Fixed in 4.4.3.

AnalysisAI

SQL injection in Netatalk 3.1.0 through 4.4.2 allows authenticated remote attackers to compromise the MySQL-backed CNID (Catalog Node ID) database used to track AppleTalk/AFP file metadata. The high CVSS 8.8 score (CVSS:3.1/AV:N/AC:L/PR:L/UI:N) reflects network-reachable exploitation with low privileges and high impact to confidentiality, integrity, and availability; no public exploit identified at time of analysis.

RemediationAI

Within 24 hours: Inventory all systems running Netatalk versions 3.1.0 through 4.4.2 and document CNID database backend configurations. Within 7 days: Enforce database-level access restrictions limiting CNID connections to Netatalk service accounts only, enable and monitor MySQL query logging for Netatalk service activity, and review active AFP share configurations to disable unnecessary shares. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

CVE-2026-44047 vulnerability details – vuln.today

Back

Suse CVE-2026-44047

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code