Vulners
Lucene search
2 matches found
SUSE CVE-2026-22689
Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...
6.5CVSS5.8AI score0.00012EPSS
Exploits2References2
EUVD-2026-1872
Mailpit is vulnerable to Cross-Site WebSocket Hijacking CSWSH allowing unauthenticated access to emails...
6.5CVSS6.3AI score0.00012EPSS
Exploits2References3
20