CVE-2026-44058

Summary

An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism.

Affected Software

VendorProductVersion RangeStatus
NetatalkNetatalk2.2.2 <= 4.4.2affected
NetatalkNetatalk4.5.0unaffected

Weaknesses

  • CWE-287: Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References