9 matches found

Source: Vulnrichment (added 2026/02/25 11:51 p.m., 3 views)

CVE-2026-27808 Mailpit is Vulnerable to Server-Side Request Forgery (SSRF) via Link Check API

Mailpit is an email testing tool and API for developers. Prior to version 1.29.2, the Link Check API /api/v1/message/ID/link-check is vulnerable to Server-Side Request Forgery SSRF. The server performs HTTP HEAD requests to every URL found in an email without validating target hosts or filtering...

CVSS 5.8 | AI score 5.6 | EPSS 0.00047
Exploits: 1 | References: 3
Source: SUSE CVE (added 2026/02/07 12:24 a.m., 3 views)

SUSE CVE-2026-23845

Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery SSRF via HTML Check CSS Download. The HTML Check feature /api/v1/message/ID/html-check is designed to analyze HTML emails for compatibility. During this process, the...

CVSS 7.5 | AI score 5.3 | EPSS 0.00024
Exploits: 1 | References: 3
Source: OSV (added 2026/01/21 1:01 a.m., 3 views)

GHSA-6JXM-FV7W-RW5J Mailpit has a Server-Side Request Forgery (SSRF) via HTML Check API

Server-Side Request Forgery SSRF via HTML Check CSS Download The HTML Check feature /api/v1/message/ID/html-check is designed to analyze HTML emails for compatibility. During this process, the inlineRemoteCSS function automatically downloads CSS files from external tags to inline them for testing...

CVSS 5.8 | AI score 5.6 | EPSS 0.00024
Exploits: 1 | References: 5
Source: CNNVD (added 2026/01/19 12:00 a.m., 1 view)

Mailpit security vulnerabilities

Mailpit is an email testing tool developed by Ralph Slooten personally. Versions of Mailpit prior to 1.28.3 contained a security vulnerability. This vulnerability stemmed from insufficient regular expressions used to validate the RCPT TO and MAIL FROM addresses, which could lead to header injecti...

CVSS 5.3 | AI score 5.8 | EPSS 0.01594
Exploits: 4 | References: 4
Source: Snyk (added 2026/01/18 11:47 p.m., 1 view)

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via insufficient validation of FROM and TO parameters. An attacker can inject arbitrary SMTP headers or corrupt existing ones by including carriage return characters in email addresses. Remediation Upgrade...

CVSS 6.9 | AI score 5.9 | EPSS 0.01594
Exploits: 4 | References: 2
Source: OSV (added 2026/01/13 3:11 p.m., 3 views)

GHSA-524M-Q5M7-79MM Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails

Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...

CVSS 6.5 | AI score 6.5 | EPSS 0.00012
Exploits: 2 | References: 4
Source: EUVD (added 2026/01/13 3:11 p.m., 2 views)

EUVD-2026-1872

Mailpit is vulnerable to Cross-Site WebSocket Hijacking CSWSH allowing unauthenticated access to emails...

CVSS 6.5 | AI score 6.3 | EPSS 0.00012
Exploits: 2 | References: 3
Source: CVE (added 2026/01/10 5:46 a.m., 8 views)

CVE-2026-22689

Mailpit prior to v1.28.2 is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) because the WebSocket upgrader accepts connections from any origin (CheckOrigin always true). This enables a malicious site to create a WebSocket to ws://localhost:8025 and receive real-time data such as email conten...

CVSS 6.5 | AI score 6.3 | EPSS 0.00012
Exploits: 2 | References: 2 | Affected software: 1
Source: Positive Technologies (added 2026/01/10 12:00 a.m., 2 views)

PT-2026-2243

Name of the Vulnerable Software and Affected Versions Mailpit versions prior to 1.28.2 Description Mailpit, an email testing tool and API for developers, contains a Cross-Site WebSocket Hijacking CSWSH issue in its WebSocket server. The server, in versions prior to 1.28.2, does not validate the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00012
Exploits: 2 | References: 13