CVE-2026-44051
Deferred Deferred - Pending Action

Arbitrary File Read via Symlink in Netatalk

Publication date: 2026-05-21

Last updated on: 2026-05-21

Assigner: securin

Description
An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-21
Last Modified
2026-05-21
Generated
2026-06-30
AI Q&A
2026-05-21
EPSS Evaluated
2026-06-29
NVD
CVE-2026-44051
EUVD
EUVD-2026-31228

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
netatalk netatalk From 3.0.2 (inc) to 4.4.2|end_including=4.4.3 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in Netatalk versions 3.0.2 through 4.4.2 and allows an attacker to read arbitrary files by creating attacker-controlled symbolic links (symlinks). This means that an attacker can manipulate the system to access files they should not be able to read.

The issue was fixed in version 4.4.3 of Netatalk.

Impact Analysis

This vulnerability can have a significant impact because it allows an attacker to read sensitive files without proper authorization.

  • Confidential information could be exposed.
  • It could lead to a breach of data confidentiality.
  • The CVSS score of 8.1 indicates a high severity, meaning the vulnerability is relatively easy to exploit and can cause a high impact on confidentiality and integrity.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44051. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart