Netatalk Hextoint Macro Uppercase Bug Vulnerability

Vulnerability

A vulnerability exists in Netatalk versions 2.0.0 through 4.4.2, where the hextoint macro improperly decodes uppercase hexadecimal characters. This flaw can lead to filename corruption or inconsistencies in filename lookups, although it does not directly allow for code execution, privilege escalation, or exposure of sensitive data.

Impact

This vulnerability can cause filename corruption or lookup inconsistencies, potentially leading to application errors or misbehavior.

Remediation

Users can upgrade to Netatalk version 4.5.0 or later, which includes the necessary patch. Alternatively, for those using Netatalk 4.4.2, the patch can be applied manually. The Netatalk team advises against proactively applying the patch to existing deployments due to the low likelihood of practical exploitation.

Added: May 21, 2026, 8:18 AM
Updated: May 21, 2026, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 0.6
exploitability: 6.3
remediation: 7.9
relevance: 9.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.