Lucene search
+L

44 matches found

NVD
NVD
added last week10 views

CVE-2026-57215

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

8.8CVSS0.00349EPSS
Exploits1References6
Cvelist
Cvelist
added last week32 views

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS0.00349EPSS
Exploits1References6
OSV
OSV
added last week2 views

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS6.1AI score0.00349EPSS
Exploits1References8
CVE
CVE
added last week16 views

CVE-2026-57215

RabbitMQ vulnerability CVE-2026-57215 affects the broker’s binding logic for amq.rabbitmq.reply-to destinations. Before fixes, volatile direct-reply-to queues could be bound and routed even if not properly checked by Khepri-backed deletion checks, leaving persistent route entries after unbind. Af...

8.8CVSS6.1AI score0.00349EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/07/01 5:16 a.m.9 views

CVE-2026-12127

The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 1.10.2 This is due to getreplytoaddress processing the Reply-To...

5.3CVSS0.00343EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/01 4:32 a.m.9 views

EUVD-2026-40907

The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 1.10.2 This is due to getreplytoaddress processing the Reply-To...

5.3CVSS5.9AI score0.00343EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:32 a.m.12 views

CVE-2026-12127

The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 1.10.2 This is due to getreplytoaddress processing the Reply-To...

5.3CVSS5.9AI score0.00343EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/07/01 4:32 a.m.42 views

CVE-2026-12127 WPForms <= 1.10.2 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via Reply-To Display Name

The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 1.10.2 This is due to getreplytoaddress processing the Reply-To...

5.3CVSS0.00343EPSS
Exploits0References11
CVE
CVE
added 2026/07/01 4:32 a.m.16 views

CVE-2026-12127

WPForms – Easy Form Builder for WordPress (WordPress plugin WPForms Lite) versions up to 1.10.2 are vulnerable to CRLF header injection in outgoing notification emails. The root cause is improper neutralization of CRLF sequences: get_reply_to_address() expands the Reply-To display name with conte...

5.3CVSS5.9AI score0.00343EPSS
Exploits0References11
OSV
OSV
added 2026/06/16 12:37 p.m.4 views

BIT-DISCOURSE-2026-44785 Discourse: Hidden reply-to post raw can be disclosed through AI explain prompts

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.4, 2026.3.0 to before 2026.3.1, and 2026.4.0 to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user with access to the AI...

4.3CVSS5.3AI score0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 5:4 a.m.11 views

CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS5.4AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:4 a.m.33 views

CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS0.00383EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 5:4 a.m.13 views

EUVD-2026-36209

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

8.6CVSS5.4AI score0.00383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.9 views

CVE-1999-0207

Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command...

7.5CVSS7.5AI score0.08717EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-1999-0207

Malware in sbrugna...

7.5CVSS6.4AI score0.08717EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:59 a.m.7 views

CVE-2024-6224

The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.9CVSS5.8AI score0.00207EPSS
Exploits1References1
OSV
OSV
added 2024/11/12 3:15 a.m.20 views

CVE-2024-49394

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...

5.3CVSS5.3AI score0.00329EPSS
Exploits0References2
CVE
CVE
added 2024/11/12 2:7 a.m.77 views

CVE-2024-49394

CVE-2024-49394 affects mutt and neomutt: the In-Reply-To header is not cryptographically signed, enabling an attacker to impersonate the sender by reusing an unencrypted but signed email. Public references in the connected documents show multiple advisories addressing this issue and releasing fix...

5.3CVSS5.1AI score0.00329EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2024/11/12 2:7 a.m.46 views

CVE-2024-49394 Mutt: neomutt: in-reply-to email header field it not protected by cryptograpic signing

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender...

5.3CVSS0.00329EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.5 views

Mutt 安全漏洞

Mutt is a text-based e-mail client for Unix-like systems developed by Michael Elkins. A security vulnerability exists in Mutt that stems from the In-Reply-To email header field not being protected by a cryptographic signature, which allows an attacker to reuse unencrypted but signed email message...

5.3CVSS5.3AI score0.00329EPSS
Exploits0References2
Rows per page
Query Builder