PT-2026-39789

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...

Mail stored HTML injection in subject text

None...

CVE-2025-43280

CVE-2025-43280 affects Apple iOS/iPadOS Mail behavior. The vulnerability, stemming from forwarding an email in Lockdown Mode, could allow remote images to load in Mail. Apple notes the issue is resolved by not loading remote images, with fixes included in iOS 18.6 and iPadOS 18.6. The public reco...

EUVD-2012-0677

Malware in sbrugna...

EUVD-2023-28009

Malicious code in bioql PyPI...

EUVD-2024-45923

Malicious code in bioql PyPI...

EUVD-2025-25112

Malicious code in bioql PyPI...

EUVD-2023-52367

Malicious code in bioql PyPI...

CVE-2025-9102

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

CVE-2025-9102

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

CVE-2025-9102

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

CVE-2025-9102 1&1 Mail & Media mail.com App com.mail.mobile.android.mail AndroidManifest.xml improper export of android application components

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

1&1 Mail & Media mail.com App 安全漏洞

1&1 Mail & Media mail.com App is an email application from the German company 1&1 Mail & Media. A security vulnerability exists in 1&1 Mail & Media mail.com App version 8.8.0, which stems from an improper export of the component com.mail.mobile.android.mail, which allows a local attacker to launc...

CVE-2023-48307

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for...

CVE-2024-52508

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...

CVE-2024-52509 Nextcloud Mail app does not respect download permissions in shares

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients...

CVE-2024-52509 Nextcloud Mail app does not respect download permissions in shares

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients...

CVE-2024-52508 Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...

CVE-2024-52508 Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would ...

CVE-2024-52508

CVE-2024-52508 affects Nextcloud Mail. The auto configuration flow can cause email account details to be sent to an attacker-controlled autoconfig.tld when a user’s domain cannot auto-configure. Affected Nextcloud Mail versions include pre-1.14.6, pre-1.15.4, pre-2.2.11, pre-3.6.3, pre-3.7.7, and...