1399 matches found
CVE-2026-43859
A flaw was found in mutt, an email client, where it mishandles cryptographic digests used for IMAP Internet Message Access Protocol authentication. This incorrect handling could lead to a low integrity impact, potentially allowing a remote attacker to subtly affect the authentication process...
CVE-2026-43861
A flaw was found in mutt, an email client. The urlpctdecode function, which is responsible for decoding URL-encoded strings, does not correctly handle null termination characters. This vulnerability could allow a remote attacker, to manipulate how URLs are processed, potentially leading to a...
mutt-2.3.2-1.1 on GA media (moderate)
mutt-2.3.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10695-1 Rating: moderate Cross-References: CVE-2026-43859 CVE-2026-43861 CVE-2026-43862 CVE-2026-43863 CVSS scores: CVE-2026-43859 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-43859 SUSE : 6.3...
SUSE CVE-2026-43859
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...
SUSE CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
SUSE CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
SUSE CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
SUSE CVE-2026-43863
mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...
SUSE CVE-2026-43864
mutt before 2.3.2 has a showsigsummary NULL pointer dereference...
PT-2026-37369
These are all security issues fixed in the mutt-2.3.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10695-1 mutt-2.3.2-1.1 on GA media
These are all security issues fixed in the mutt-2.3.2-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-43864
mutt before 2.3.2 has a showsigsummary NULL pointer dereference...
CVE-2026-43863
mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...
UBUNTU-CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43863
mutt before 2.3.2 has an infinite loop in dataobjecttostream in crypt-gpgme.c...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43859
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
CVE-2026-43864
mutt before 2.3.2 has a showsigsummary NULL pointer dereference...