Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.9
CVE-2026-44050: Netatalk CNID Daemon Remote Code Execution
CVE-2026-44050
Summary
The CNID daemon in Netatalk versions 2.0.0 through 4.4.2 has a security flaw that allows a remote attacker to gain elevated access to the system or crash it. This affects users who run Netatalk, a file sharing system for Apple devices. To stay secure, update to a fixed version of Netatalk as soon as possible.
Original title
A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cau...
Original description
A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.
nvd CVSS3.1
9.9
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 21 May 2026 · Updated: 30 May 2026 · First seen: 21 May 2026