CVE-2026-23606

Technical details (affected product/version, root cause, fix) are not publicly available in the provided connected documents. Monitor for updates on CVE-2026-23606.

CVE-2026-23605 GFI MailEssentials AI < 22.4 Attachment Filtering Rule Stored XSS

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Attachment Filtering rule creation workflow. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv1$TXBRuleName parameter to...

PT-2026-20887

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description The software contains a stored cross-site scripting issue in the Anti-Spam Whitelist management interface. A user with valid credentials can inject HTML or JavaScript code into the...

PT-2026-20895

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue in the Sender Policy Framework Email Exceptions interface. An authenticated user can inject HTML ...

CVE-2024-55401

An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal...