Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
In Netatalk 3.0.2 through 4.4.2, arbitrary file read via attacker-controlled symlink creation. Fixed in 4.4.3.
AnalysisAI
Arbitrary file read in Netatalk 3.0.2 through 4.4.2 allows authenticated remote attackers to create attacker-controlled symbolic links that the AFP server follows, exposing sensitive files outside the intended share. The flaw is fixed in version 4.4.3 and no public exploit identified at time of analysis. Securin reported the issue and the vendor has published an advisory at netatalk.io.
Technical ContextAI
Netatalk is an open-source implementation of the Apple Filing Protocol (AFP) that lets Unix-like systems serve files to macOS clients over the network. The root cause is CWE-59 (Improper Link Resolution Before File Access, a.k.a. Link Following): the daemon resolves symbolic links created by an authenticated user without enforcing that the resolved path remains inside the share boundary, so a crafted symlink pointing to /etc/shadow, configuration files, or other private paths is dereferenced server-side and the contents are returned to the client. The affected CPE is cpe:2.3:a:netatalk:netatalk for all 3.0.2-4.4.2 builds.
RemediationAI
Upgrade to Vendor-released patch: Netatalk 4.4.3, which contains the fix; consult the upstream advisory at https://netatalk.io/security/CVE-2026-44051 for build notes. Until packaged updates are available for your distribution, reduce exposure by restricting AFP access (TCP/548) to trusted networks via host or network firewall, disabling AFP shares that accept untrusted authenticated users, and removing or tightening shares where 'follow symlinks' style options are enabled in afp.conf - note that disabling symlink following may break legitimate macOS Time Machine or shared-mount workflows that rely on it. Where feasible, migrate clients to SMB on Samba as a longer-term alternative, accepting the operational cost of changing the file-sharing stack.
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: High| Product | Status |
|---|---|
| SUSE Linux Enterprise Server 12 SP5 | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | Fixed |
| SUSE Linux Enterprise Desktop 12 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP1 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP2 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP3 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP4 | Fixed |
| SUSE Linux Enterprise Server 12 | Fixed |
| SUSE Linux Enterprise Server 12 SP1 | Fixed |
| SUSE Linux Enterprise Server 12 SP2 | Fixed |
| SUSE Linux Enterprise Server 12 SP3 | Fixed |
| SUSE Linux Enterprise Server 12 SP4 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP1 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP2 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP1 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP2 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP3 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP4 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP5 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP1 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP2 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP3 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP4 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP5 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31228
GHSA-x9mv-rgr7-fxhp