29 matches found
EUVD-2026-24258
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the user dashboard's "Seen successful connections" login history renders the client IP from login logs without HTML escaping. Because the server trusts the X-Real-IP header as the source IP...
📄 mailcow: Dockerized Host Header Password Reset Poisoning
mailcow: dockerized versions prior to 2025-01a are vulnerable to Host header poisoning in the password reset workflow. The application incorrectly trusts the Host header when generating password reset links, allowing an attacker to inject an attacker-controlled domain into the reset URL. If a...
CVE-2022-31245
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs...
CVE-2022-31138
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute...
EUVD-2025-21774
Malicious code in bioql PyPI...
EUVD-2024-29108
Malicious code in bioql PyPI...
EUVD-2022-41770
Malicious code in bioql PyPI...
EUVD-2024-22150
Malicious code in bioql PyPI...
EUVD-2024-53178
Malicious code in bioql PyPI...
EUVD-2025-4084
Malicious code in bioql PyPI...
CVE-2025-53909
mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection SSTI vulnerability exists in versions prior to 2025-07 in the notification template system used by mailcow for sending quota and quarantine alerts. The template rendering engine allows...
CVE-2024-30270
mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the rspamdmaps...
CVE-2024-23824
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
CVE-2023-26490
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to...
CVE-2025-25198
mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the Host HTTP header to generate a password reset link pointing to an attacker-controlled domain. This...
CVE-2025-25198
mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the Host HTTP header to generate a password reset link pointing to an attacker-controlled domain. This...
CVE-2025-25198
CVE-2025-25198 affects mailcow: dockerized prior to 2025-01a. The password reset function can be manipulated via the Host HTTP header to generate a reset link pointing to an attacker‑controlled domain, enabling potential account takeover if a user clicks the poisoned link. A patch is available in...
CVE-2022-39258
mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize links. This could redirect a victim to an attacker controller place to steal Swagger authorization credentials or create a phishing page to stea...
CVE-2024-56529
Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access...
CVE-2024-56529
Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access...