CVE-2026-44062
HIGH
NVD
CVSS Score
7.5
Severity
HIGH
Published
May 21, 2026
Vendor
unknown
Description
A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character set data.