42 matches found
CVE-2026-50590
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
CVE-2026-50590
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
EUVD-2026-34777
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
CVE-2026-50590
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
CVE-2026-50590
Mimecast Incydr vulnerability CVE-2026-50590 affects versions before 2.6.0, enabling arbitrary file access. The provided documents do not specify the underlying root cause, affected components, or a remediation. No exploitation details are given. Action: monitor for updates and vendor advisories ...
CVE-2026-50590
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
CVE-2026-50590
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
PT-2026-46896
In Mimecast Incydr before 2.6.0, arbitrary file access can occur...
Malicious code in mimecast-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31248312aa36cca999d7f40ba478d484be495b350e0858850baf3a9a6bf15630 The OpenSSF Package Analysis project identified 'mimecast-web-components' @ 2.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2026-3618 Malicious code in mimecast-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31248312aa36cca999d7f40ba478d484be495b350e0858850baf3a9a6bf15630 The OpenSSF Package Analysis project identified 'mimecast-web-components' @ 2.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2026-3507 Malicious code in @mimecast-ui/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e59a7d55636b02d0a28954889c22f021de5b4f33c525ce7712706df60cd9af3 The package @mimecast-ui/components was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @mimecast-ui/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e59a7d55636b02d0a28954889c22f021de5b4f33c525ce7712706df60cd9af3 The package @mimecast-ui/components was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @mimecast-ui/charts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e603deff481f2fdd492adde6f7d1f060fa7aa7d15f63abc4cc43fa7782409705 The package @mimecast-ui/charts was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3506 Malicious code in @mimecast-ui/charts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e603deff481f2fdd492adde6f7d1f060fa7aa7d15f63abc4cc43fa7782409705 The package @mimecast-ui/charts was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2020-23996
Malware in sbrugna...
CVE-2020-36519
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs...
SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures
The U.S. Securities and Exchange Commission SEC has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast,...
mimecast.com Cross Site Scripting vulnerability OBB-2434587
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-36519
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs...
CVE-2020-36519
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs...