CVE Catalog

CVE-2026-44050

Critical
Published: Translated: NVD NIST

Summary

A heap-based buffer overflow in the comm_rcv() function of the CNID daemon in Netatalk versions 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

Risk Assessment

An attacker could exploit this vulnerability to gain full control over the system or disrupt its operation, potentially leading to serious consequences for the organization.

Recommendation

It is recommended to update Netatalk to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.

Original NVD description (English source)

A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS