PT-2026-42418 · Netatalk · Netatalk

·

CVE-2026-44062

·

Published

2026-05-21

·

Updated

2026-06-08

CVSS v3.1

7.5

High

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.4 through 4.4.2
Description A missing output length bounds check in the pull charset flags() function allows a remote authenticated attacker to execute arbitrary code or cause a denial of service by sending crafted character set data.
Recommendations Update to version 4.4.3.

Fix

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44062
USN-8395-1

Affected Products

Netatalk