Four simultaneous CVEs across Netatalk versions 2.0.0 through 4.4.2 cover heap overflow RCE, stack overflow RCE, out-of-bounds write RCE, arbitrary file read/write via symlink following, and LDAP credential cleartext logging — none patched at time of publication. Any organization running Netatalk for macOS-to-Linux AFP file sharing should treat this as a compounding, unpatchable exposure until the vendor releases a fix, and should implement immediate network segmentation and access restriction as the primary risk reduction action.