CVE-2026-44053

Summary

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack.

Affected Software

VendorProductVersion RangeStatus
NetatalkNetatalk1.5.0 <= 4.2.2affected
NetatalkNetatalk4.5.0unaffected

Weaknesses

  • CWE-327: Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References