Description
A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.
Published: 2026-05-21
Score: 9.9 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Netatalk’s CNID daemon contains a heap buffer overflow in the comm_rcv() function. A heap-based buffer overflow in comm_rcv() in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service. The vulnerability is classified as a classic buffer overflow flaw (CWE-122).

Affected Systems

The problem affects Netatalk versions 2.0.0 through 4.4.2. The vendor identified the entry as Netatalk. The flaw is fixed in release 4.4.3 and newer versions.

Risk and Exploitability

The CVSS score of 9.9 reflects the severity of the flaw. EPSS information is not available, and the issue is not listed in CISA’s KEV catalog. Because Netatalk is a network‑accessible daemon, the likely attack vector is remote exploitation via crafted packets sent to the CNID service by an authenticated attacker; a successful exploit would grant the attacker full system privileges, enabling arbitrary code execution or denial of service. The vulnerability is a classic buffer overflow (CWE-122).

Generated by OpenCVE AI on May 21, 2026 at 10:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Netatalk to version 4.4.3 or newer to apply the fix
  • Restrict or disable the CNID daemon to trusted networks or isolate it behind a firewall
  • Configure the system to log and alert on abnormal communication with the CNID service to aid early detection

Generated by OpenCVE AI on May 21, 2026 at 10:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-62801 netatalk security update
History

Thu, 21 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 21 May 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Netatalk
Netatalk netatalk
Vendors & Products Netatalk
Netatalk netatalk

Thu, 21 May 2026 09:00:00 +0000

Type Values Removed Values Added
Description In Netatalk 2.0.0 through 4.4.2, heap buffer overflow in cnid daemon comm_rcv(). Fixed in 4.4.3. A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

Thu, 21 May 2026 07:45:00 +0000

Type Values Removed Values Added
Description In Netatalk 2.0.0 through 4.4.2, heap buffer overflow in cnid daemon comm_rcv(). Fixed in 4.4.3.
Title Heap buffer overflow in CNID daemon comm_rcv()
Weaknesses CWE-122
References
Metrics cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Netatalk Netatalk
cve-icon MITRE

Status: PUBLISHED

Assigner: securin

Published:

Updated: 2026-05-21T12:42:45.770Z

Reserved: 2026-05-05T07:24:42.291Z

Link: CVE-2026-44050

cve-icon Vulnrichment

Updated: 2026-05-21T12:42:40.814Z

cve-icon NVD

Status : Deferred

Published: 2026-05-21T08:16:20.580

Modified: 2026-05-21T15:20:19.040

Link: CVE-2026-44050

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-21T10:30:08Z

Weaknesses