CVE-2026-44074
Deferred Deferred - Pending Action
Netatalk Error Code Handling Flaw Allows Minor Service Disruption

Publication date: 2026-05-21

Last updated on: 2026-05-21

Assigner: securin

Description
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-21
Last Modified
2026-05-21
Generated
2026-06-10
AI Q&A
2026-05-21
EPSS Evaluated
2026-06-09
NVD
CVE-2026-44074
EUVD
EUVD-2026-31247
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
netatalk netatalk From 2.1.0 (inc) to 4.4.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-682 The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Netatalk versions 2.1.0 through 4.4.2. It occurs because the software combines multiple errno values using a bitwise OR operation. This results in incorrect error codes when multiple error conditions happen at the same time. Because of this, the error-handling paths may be incorrect.

A remote attacker can exploit this flaw to cause a minor disruption of the service by triggering conditions that lead to these incorrect error-handling paths.

Impact Analysis

The impact of this vulnerability is limited to causing a minor service disruption. It does not affect confidentiality, integrity, or major availability aspects of the system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44074. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart