CVE-2026-44052

Summary

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials.

Affected Software

VendorProductVersion RangeStatus
NetatalkNetatalk2.1.0 <= 4.4.2affected
NetatalkNetatalk4.4.3unaffected

Weaknesses

  • CWE-532: Insertion of Sensitive Information into Log File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References