CVE-2026-44047
Deferred Deferred - Pending Action
SQL Injection in Netatalk via MySQL CNID Backend

Publication date: 2026-05-21

Last updated on: 2026-05-21

Assigner: securin

Description
An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized access to data, modify data, or cause a denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-21
Last Modified
2026-05-21
Generated
2026-06-10
AI Q&A
2026-05-21
EPSS Evaluated
2026-06-09
NVD
CVE-2026-44047
EUVD
EUVD-2026-31226
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
netatalk netatalk From 3.1.0 (inc) to 4.4.2 (inc)
netatalk netatalk 4.4.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The SQL injection vulnerability in Netatalk's MySQL CNID backend allows unauthorized access, modification, or denial of service to data, which can compromise the confidentiality, integrity, and availability of sensitive information.

Such compromises can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and alteration.

Organizations using affected versions of Netatalk should apply the available patch or upgrade to mitigate the risk and maintain compliance.

Executive Summary

The CVE-2026-44047 vulnerability in Netatalk is a high-severity SQL injection issue affecting the MySQL CNID backend.

This flaw allows authenticated AFP clients to execute arbitrary SQL commands against the CNID database by manipulating filenames.

It impacts Netatalk versions 3.1.0 through 4.4.2 and was fixed in version 4.4.3.

Impact Analysis

This vulnerability can compromise the confidentiality, integrity, or availability of the CNID database.

An attacker with authenticated AFP access could execute arbitrary SQL commands, potentially leading to data leakage, data corruption, or denial of service.

The CVSS score of 8.8 indicates a high risk, meaning the impact can be severe if exploited.

Mitigation Strategies

To mitigate the CVE-2026-44047 vulnerability in Netatalk, administrators should promptly apply the available patch for version 4.4.2 or upgrade to version 4.4.3 or later.

As a temporary workaround, it is recommended to disable the MySQL CNID backend or restrict AFP access to trusted users only.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44047. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart