CVE-2026-44064

Summary

An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request.

Affected Software

VendorProductVersion RangeStatus
NetatalkNetatalk1.3 <= 4.4.2affected
NetatalkNetatalk4.4.3unaffected

Weaknesses

  • CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References