Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/05/21 8:16 a.m.9 views

CVE-2026-44067

A heap over-read in extended attribute EA header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via crafted EA data...

4.2CVSS0.00125EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 7:35 a.m.13 views

CVE-2026-44072

Netatalk 2.2.1–4.4.2 is affected by a vulnerability where system() is invoked after a failed chdir(), allowing an attacker with local access to trigger unintended commands or cause a minor service disruption under specific conditions. The issue stems from improper handling of the error condition ...

3CVSS5.9AI score0.00025EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/21 7:35 a.m.35 views

CVE-2026-44072 system() after failed chdir()

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

3CVSS0.00025EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/21 7:34 a.m.6 views

EUVD-2026-31218

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

3.9CVSS5.8AI score0.00015EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/21 7:34 a.m.33 views

CVE-2026-44059 Non-reentrant privilege toggle

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS0.00013EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 7:34 a.m.15 views

CVE-2026-44059

Netatalk 2.2.5–4.4.2 contains a non-reentrant privilege toggle vulnerability (race condition) that could allow a local attacker to obtain limited information, modify limited data, or trigger a minor service disruption. The issue is fixed in Netatalk 4.5.0. Affected versions and impact are consist...

4.5CVSS5.8AI score0.00013EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 7:34 a.m.15 views

CVE-2026-44058

CVE-2026-44058 affects Netatalk 2.2.2 through 4.4.2 and allows an authentication bypass via the admin auth user mechanism. Root cause described as an authentication bypass, enabling a remote attacker to authenticate as an arbitrary user. The issue is fixed in Netatalk 4.5.0. The CVSS v3.1 baselin...

7.2CVSS6AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.6 views

PT-2026-42423

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.1.0 through 4.4.2 Description A heap over-read exists in the extended attribute EA header parsing. This allows a remote authenticated attacker to obtain limited information or cause a minor service disruption by using craft...

4.2CVSS5.9AI score0.00125EPSS
Exploits0References2
Rows per page
Query Builder