Skip to main content

Netatalk CVE-2026-44068

| EUVD-2026-31215 HIGH
Path Traversal (CWE-22)
2026-05-21 securin GHSA-qv8r-66p7-3q68
Path Traversal Suse
7.6
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
Low

Lifecycle Timeline

1
Analysis Generated
May 21, 2026 - 08:05 vuln.today

DescriptionNVD

In Netatalk 2.1.0 through 4.4.2, ea path traversal via incomplete sanitization. Fixed in 4.4.3.

AnalysisAI

Path traversal via extended attribute (ea) handling in Netatalk 2.1.0 through 4.4.2 allows authenticated remote attackers to access or modify files outside intended directories on AFP file shares. The flaw stems from incomplete input sanitization on the ea code path and is resolved in 4.4.3. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all systems running Netatalk versions 2.1.0 through 4.4.2. Within 7 days: Acquire and prepare deployment of Netatalk 4.4.3 in test environment. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-9256 HIGH
8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

Share

CVE-2026-44068 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy