What is the CVSS score of CVE-2026-44073?

CVE-2026-44073 has a CVSS 3.1 base score of 5.0 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. EPSS exploitation probability: 0.1%.

Is there a patch available for CVE-2026-44073?

Yes, a patch is available for CVE-2026-44073. Update the affected software to the latest version immediately.

Netatalk CVE-2026-44073

EUVD-2026-31220 MEDIUM

Improper Check for Dropped Privileges (CWE-273)

2026-05-21 securin

GHSA-pc7p-8fgv-4x9c

Information Disclosure Suse

5.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

CVSS changed

May 21, 2026 - 08:22 NVD

4.0 (MEDIUM) 5.0 (MEDIUM)

Analysis Generated

May 21, 2026 - 08:09 vuln.today

DescriptionNVD

In Netatalk 1.5.0 through 4.4.2, seteuid failure ignored in auth modules. Fixed in 4.5.0.

AnalysisAI

Privilege retention in Netatalk 1.5.0 through 4.4.2 results from auth modules silently ignoring failures of the seteuid() system call, allowing an authenticated network attacker to operate with unintended elevated privileges. When seteuid() fails-due to resource exhaustion, OS limits, or specific system configurations-the process continues execution under its original (higher) UID rather than the intended reduced privilege level, exposing file system objects or operations the user should not access. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory