CVE-2026-44063 MEDIUM

CVE-2026-44063: LDAP filter injection

Vendor Netatalk
Product Netatalk
Weakness CWE-90 · LDAP injection
Published May 21, 2026
Last update May 21, 2026

CVSS base score

4.2/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input.

Key dates

02Disclosure timeline

May 21, 2026 CVE published
May 21, 2026 Record updated