CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

136 matches found

vulnersOsv•added 2026/04/27 12:30 p.m.•5 views

io.automatiko.addons.services:automatiko-receive-email-addon (>=0.7.0 <=0.46.0), org.apache.camel.kafkaconnector:camel-imap-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-33454 via org.apache.camel:camel-mail (>=3.0.0 <=4.14.5)

org.apache.camel:camel-mail MAVEN version =3.0.0, =0.7.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =4.10.3, =1.0.0, =3.25.0, =1.0.0, =1.0.0, =3.19.0, =3.27.3 and more Source cves: CVE-2026-33454https://...

9.4CVSS5.8AI score0.00393EPSS

Exploits0

Cvelist•added 2026/04/27 9:42 a.m.•34 views

CVE-2026-33454 Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)

The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component MailHeaderFilterStrategy only filters the 'out' direction via setOutFilterStartsWith, while it does not configure the 'in' direction via setInFilterStartsWith. As a...

0.00393EPSS

Exploits0References1

CVE•added 2026/02/19 5:57 p.m.•23 views

CVE-2026-23611

GFI MailEssentials AI (versions prior to 22.4) contains a stored cross-site scripting vulnerability in the IP Blocklist management page. An authenticated user can submit HTML/JavaScript via ctl00$ContentPlaceHolder1$pv1$txtIPDescription on /MailEssentials/pages/MailSecurity/ipblocklist.aspx, whic...

5.4CVSS5.4AI score0.00173EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/02/09 7:9 a.m.•4 views

CVE-2026-2234

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

9.3CVSS5.5AI score0.00449EPSS

Exploits0References3

CNNVD•added 2025/12/16 12:0 a.m.•9 views

Blue Mail 安全漏洞

Blue Mail is an email client from Blue Mail, Inc. A security vulnerability exists in Blue Mail versions 1.140.103 and earlier, which stems from a failure to add the Mark-of-the-Web tag when saving a document, and could lead to a bypass of the file protection mechanism...

9.1CVSS8.5AI score0.00478EPSS

Exploits3References5

IBM Security Bulletins•added 2025/11/17 2:54 p.m.•8 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an SMTP injection vulnerability due to Jakarta Mail (CVE-2025-7962)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an SMTP injection vulnerability in the Jakarta Mail library with the javaMail-1.5, javaMail-1.6, mail-2.0, or mail-2.1 feature enabled. Vulnerability Details Refer to the security...

7.5CVSS5.3AI score0.00756EPSS

Exploits0Affected Software1