CVE-2026-44071 — Vulnetix

CVE-2026-44071 PUBLISHED CVSS 3.700000047683716 LOW

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection.

EPSS 0.16% · 37.0th percentile

Risk Scores

CVSS v3.1

3.700000047683716

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score

0.16%

37.0th percentile

Affected Products

Vendor	Product	Versions
Netatalk	Netatalk	3.1.2, 4.5.0

Timeline

May 21, 2026 EPSS Score
May 21, 2026 CVE Published
May 21, 2026 CVE Updated
May 22, 2026 EPSS Score
May 22, 2026 Coalition ESS Score
May 22, 2026 Security Advisory
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score
May 25, 2026 EPSS Score
May 26, 2026 EPSS Score
May 27, 2026 EPSS Score
May 28, 2026 EPSS Score

References

https://netatalk.io/security/CVE-2026-44071 url
https://nvd.nist.gov/vuln/detail/CVE-2026-44071 advisory

Open in Interactive Console →