CVE-2026-44066

HIGHNVD 7.17.1—Trending — 3 sources updated this week

7.1

Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption.

CVSS v3: 7.1
EG Score: 7.1(high)
EPSS: 20.5%
KEV: Not listed

Published

May 21, 2026

Last Modified

May 21, 2026

Advisory Details (1)

Auto-updated Jun 11, 2026

No patch confirmed yet.

generic

Netatalk - Netatalk Security Advisory

https://netatalk.io/security/CVE-2026-44066

Vendor Advisories for CVE-2026-44066(1)

These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.

GHSA-93hj-5v8r-h26w
GitHub Security AdvisoriesHigh
Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0...

Weakness Classification(1)

MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.

CWE-125Out-of-bounds Read

Data Freshness Timeline

(refreshed 19× in last 7d / 108× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

Showing the most recent 100 of 112 total refreshes for this CVE.

2026-06-21 14:56 UTCEPSS rescore
2026-06-21 14:56 UTCEPSS rescore
2026-06-21 01:59 UTCEPSS rescore
2026-06-19 19:25 UTCEPSS rescore
2026-06-18 17:52 UTCEPSS rescore
2026-06-18 17:52 UTCEPSS rescore
2026-06-17 23:42 UTCEG score recompute
2026-06-17 23:42 UTCGHSA enrichment
2026-06-17 17:53 UTCEPSS rescore
2026-06-17 11:15 UTCEG score recompute
2026-06-17 11:15 UTCGHSA enrichment
2026-06-16 20:03 UTCEG score recompute
2026-06-16 20:03 UTCGHSA enrichment
2026-06-16 17:52 UTCEPSS rescore
2026-06-16 04:01 UTCEG score recompute
2026-06-16 04:01 UTCGHSA enrichment
2026-06-15 17:49 UTCEPSS rescore
2026-06-15 15:44 UTCEG score recompute
2026-06-15 15:44 UTCGHSA enrichment
2026-06-14 22:57 UTCEG score recompute
2026-06-14 22:57 UTCGHSA enrichment
2026-06-14 10:41 UTCEG score recompute
2026-06-14 10:41 UTCGHSA enrichment
2026-06-13 23:00 UTCEPSS rescore
2026-06-13 22:23 UTCEG score recompute

Show 75 more

2026-06-13 22:22 UTCGHSA enrichment
2026-06-13 10:04 UTCEG score recompute
2026-06-13 10:03 UTCGHSA enrichment
2026-06-12 23:12 UTCEPSS rescore
2026-06-12 23:12 UTCEPSS rescore
2026-06-12 21:40 UTCEG score recompute
2026-06-12 21:40 UTCGHSA enrichment
2026-06-12 09:23 UTCEG score recompute
2026-06-12 09:22 UTCGHSA enrichment
2026-06-11 21:05 UTCEG score recompute
2026-06-11 21:05 UTCGHSA enrichment
2026-06-11 14:00 UTCEPSS rescore
2026-06-11 08:48 UTCEG score recompute
2026-06-11 08:48 UTCGHSA enrichment
2026-06-10 22:18 UTCEPSS rescore
2026-06-10 20:32 UTCEG score recompute
2026-06-10 20:32 UTCGHSA enrichment
2026-06-10 13:22 UTCEPSS rescore
2026-06-10 13:22 UTCEPSS rescore
2026-06-10 08:14 UTCEG score recompute
2026-06-10 08:14 UTCGHSA enrichment
2026-06-09 19:57 UTCEG score recompute
2026-06-09 19:57 UTCGHSA enrichment
2026-06-09 07:41 UTCEG score recompute
2026-06-09 07:41 UTCGHSA enrichment
2026-06-08 19:24 UTCEG score recompute
2026-06-08 19:24 UTCGHSA enrichment
2026-06-08 14:17 UTCEPSS rescore
2026-06-08 14:17 UTCEPSS rescore
2026-06-08 06:42 UTCEG score recompute
2026-06-08 06:42 UTCGHSA enrichment
2026-06-07 18:26 UTCEG score recompute
2026-06-07 18:26 UTCGHSA enrichment
2026-06-07 15:25 UTCEPSS rescore
2026-06-07 15:25 UTCEPSS rescore
2026-06-07 06:09 UTCEG score recompute
2026-06-07 06:09 UTCGHSA enrichment
2026-06-06 17:52 UTCEG score recompute
2026-06-06 17:52 UTCGHSA enrichment
2026-06-06 13:47 UTCEPSS rescore
2026-06-06 13:47 UTCEPSS rescore
2026-06-06 05:35 UTCEG score recompute
2026-06-06 05:35 UTCGHSA enrichment
2026-06-05 22:47 UTCEPSS rescore
2026-06-05 17:18 UTCEG score recompute
2026-06-05 17:18 UTCGHSA enrichment
2026-06-05 06:10 UTCEPSS rescore
2026-06-05 06:10 UTCEPSS rescore
2026-06-05 05:01 UTCEG score recompute
2026-06-05 05:01 UTCGHSA enrichment
2026-06-04 16:44 UTCEG score recompute
2026-06-04 16:44 UTCGHSA enrichment
2026-06-04 13:12 UTCEPSS rescore
2026-06-04 13:12 UTCEPSS rescore
2026-06-04 04:27 UTCEG score recompute
2026-06-04 04:27 UTCGHSA enrichment
2026-06-03 16:10 UTCEG score recompute
2026-06-03 16:10 UTCGHSA enrichment
2026-06-03 03:53 UTCEG score recompute
2026-06-03 03:53 UTCGHSA enrichment
2026-06-02 20:13 UTCEPSS rescore
2026-06-02 15:36 UTCEG score recompute
2026-06-02 15:36 UTCGHSA enrichment
2026-06-02 03:19 UTCEG score recompute
2026-06-02 03:19 UTCGHSA enrichment
2026-06-01 15:02 UTCEG score recompute
2026-06-01 15:02 UTCGHSA enrichment
2026-06-01 13:52 UTCEPSS rescore
2026-06-01 13:52 UTCEPSS rescore
2026-06-01 02:45 UTCEG score recompute
2026-06-01 02:45 UTCGHSA enrichment
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 22:30 UTCEPSS rescore
2026-05-31 00:16 UTCEPSS rescore
2026-05-31 00:16 UTCEPSS rescore

Frequently asked(5)

What is CVE-2026-44066?

CVE-2026-44066 is a high vulnerability published on May 21, 2026. Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption.

When was CVE-2026-44066 disclosed?

CVE-2026-44066 was first published in the National Vulnerability Database on May 21, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

Is CVE-2026-44066 actively exploited?

CVE-2026-44066 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 20.5% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.

What is the CVSS score of CVE-2026-44066?

CVE-2026-44066 has a CVSS v3 base score of 7.1 (NVD).

How do I remediate CVE-2026-44066?

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2026-44066, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2026-44066

Explore →

Is Your Infrastructure Affected by CVE-2026-44066?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2026-44066

📅 Published

🔄 Last Modified

📋 Advisory Details (1)

Netatalk - Netatalk Security Advisory

📣 Vendor Advisories for CVE-2026-44066(1)

Weakness Classification(1)

Data Freshness Timeline

❓ Frequently asked(5)