What is the CVSS score of CVE-2026-44067?

CVE-2026-44067 has a CVSS 3.1 base score of 4.2 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L. EPSS exploitation probability: 0.1%.

Is there a patch available for CVE-2026-44067?

Yes, a patch is available for CVE-2026-44067. Update the affected software to the latest version immediately.

Netatalk CVE-2026-44067

EUVD-2026-31214 MEDIUM

Out-of-bounds Read (CWE-125)

2026-05-21 securin

GHSA-cwgp-4xrf-xr6q

Buffer Overflow Information Disclosure Suse

4.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

Low

Lifecycle Timeline

Severity Changed

May 21, 2026 - 08:22 NVD

LOW MEDIUM

CVSS changed

May 21, 2026 - 08:22 NVD

3.7 (LOW) 4.2 (MEDIUM)

Analysis Generated

May 21, 2026 - 08:06 vuln.today

DescriptionNVD

In Netatalk 2.1.0 through 4.4.2, ea header parsing heap over-read. Fixed in 4.5.0.

AnalysisAI

Heap over-read in Netatalk's extended attribute (EA) header parser affects all releases from 2.1.0 through 4.4.2, allowing authenticated remote attackers to read beyond allocated heap boundaries under high-complexity conditions. The impact is limited to partial memory disclosure (C:L) and minor availability degradation (A:L) with no integrity impact, consistent with a read-only out-of-bounds primitive. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory