PT-2026-42417 · Netatalk · Netatalk

Arjun Basnet

·

Published

2026-05-21

·

Updated

2026-05-21

·

CVE-2026-44061

CVSS v3.1

5.9

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Netatalk versions 1.5.0 through 4.4.2
Description The software uses DES-ECB (Data Encryption Standard in Electronic Codebook mode) for authentication, which is susceptible to a timing side channel. This allows a remote attacker to recover authentication credentials by performing timing analysis.
Recommendations Update to version 4.5.0.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44061

Affected Products

Netatalk