Authentication Bypass Vulnerability in Netatalk by Netatalk
CVE-2026-44058

6.4MEDIUM

Key Information:

Vendor: Netatalk
Status: Netatalk
Vendor: CVE Published:; 21 May 2026

What is CVE-2026-44058?

An authentication bypass flaw in Netatalk versions 2.2.2 through 4.4.2 enables a remote privileged user to gain unauthorized access by impersonating any user through the admin authentication mechanism. This vulnerability poses significant security risks as it allows for unauthorized actions under the guise of legitimate user permissions.

Affected Version(s)

Netatalk 2.2.2 <= 4.4.2

Netatalk 4.5.0

References

https://netatalk.io/security/CVE-2026-44058

vendor-advisory

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
May 5, 2026

Credit

Arjun Basnet from Securin

CVE-2026-44058 Data

JSON