What is the CVSS score of CVE-2026-44053?

CVE-2026-44053 has a CVSS 3.1 base score of 7.4 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Netatalk are affected by CVE-2026-44053?

Netatalk versions 1.5.0 through 4.2.2 contain weak cryptography in the dhcast128 AFP authentication module, potentially allowing attackers to compromise confidentiality and integrity of…. A patch is available.

Netatalk CVE-2026-44053

EUVD-2026-31232 HIGH

Use of a Broken or Risky Cryptographic Algorithm (CWE-327)

2026-05-21 securin

GHSA-8vhp-c4pr-9rq3

Information Disclosure Suse

7.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

May 21, 2026 - 08:02 vuln.today

DescriptionNVD

In Netatalk 1.5.0 through 4.2.2, weak cryptography in dhcast128 uam. Fixed in 4.5.0.

AnalysisAI

Weak cryptography in the dhcast128 user authentication module (UAM) of Netatalk versions 1.5.0 through 4.2.2 allows remote attackers to compromise confidentiality and integrity of AFP authentication exchanges. The flaw was reported by Securin and tagged as an information disclosure issue; no public exploit identified at time of analysis. …

RemediationAI

Within 24 hours: Conduct asset inventory to identify all Netatalk deployments and confirm whether versions 1.5.0-4.2.2 are in use; assess criticality and user-access patterns for each instance. Within 7 days: Contact the Netatalk project/maintainers for patch timeline; implement network segmentation to restrict AFP access to trusted networks only; enable comprehensive authentication logging on all AFP services. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

CVE-2026-44053 vulnerability details – vuln.today

Back

Netatalk CVE-2026-44053

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code