CVE-2026-44055

Published: Mag 21, 2026 Last Modified: Mag 21, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: 33c584b5-0579-4c06-b2a0-8d8329fcab9c
Attack Vector: network
Attack Complexity: high
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code.

78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability Non-Repudiation
Potential Impacts:
Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Read Files Or Directories Modify Files Or Directories Read Application Data Modify Application Data Hide Activities
Applicable Platforms
Technologies: Not Technology-Specific, AI/ML, Web Server
Likelihood of Exploit: High
View CWE Details
https://netatalk.io/security/CVE-2026-44055
https://netatalk.io/security/CVE-2026-44055