VYPR
High severity7.6NVD Advisory· Published May 21, 2026· Updated May 21, 2026

CVE-2026-44068

CVE-2026-44068

Description

Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

1