Skip to main content

Suse CVE-2026-44047

| EUVDEUVD-2026-31226 HIGH
SQL Injection (CWE-89)
2026-05-21 securin GHSA-p2g3-q382-2rhw
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 21, 2026 - 08:00 vuln.today

DescriptionCVE.org

In Netatalk 3.1.0 through 4.4.2, sql injection in mysql cnid backend. Fixed in 4.4.3.

AnalysisAI

SQL injection in Netatalk 3.1.0 through 4.4.2 allows authenticated remote attackers to compromise the MySQL-backed CNID (Catalog Node ID) database used to track AppleTalk/AFP file metadata. The high CVSS 8.8 score (CVSS:3.1/AV:N/AC:L/PR:L/UI:N) reflects network-reachable exploitation with low privileges and high impact to confidentiality, integrity, and availability; no public exploit identified at time of analysis.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Server 12 SP5 Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5 Fixed
SUSE Linux Enterprise Desktop 12 Fixed

Share

CVE-2026-44047 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy