Skip to main content

Netatalk CVE-2026-44060

| EUVD-2026-31237 HIGH
Integer Underflow (CWE-191)
2026-05-21 securin GHSA-9vrg-f3g5-fg4c
Denial Of Service Integer Overflow Suse
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 21, 2026 - 08:03 vuln.today

DescriptionNVD

In Netatalk 1.5.0 through 4.4.2, integer underflow in dsi_writeinit() leads to denial of service. Fixed in 4.4.3.

AnalysisAI

Denial of service in Netatalk versions 1.5.0 through 4.4.2 allows remote unauthenticated attackers to crash the AFP (Apple Filing Protocol) service by exploiting an integer underflow in the dsi_writeinit() function. The flaw is network-reachable with low complexity (CVSS 7.5, AV:N/AC:L/PR:N) and no public exploit identified at time of analysis, though the trivial trigger conditions make exploitation straightforward once a proof-of-concept emerges. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all systems running Netatalk and document current versions. Within 7 days: Upgrade all affected systems (Netatalk versions 1.5.0-4.4.2) to version 4.4.3 or later and validate AFP service functionality. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-9256 HIGH
8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

Share

CVE-2026-44060 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy