47 matches found
CVE-2026-41132
CVE-2026-41132 affects CKAN prior to versions 2.10.10 and 2.11.5, where the SMTP connection lacks certificate validation. This allows a MITM attacker to spoof the SMTP server and potentially access credentials and email contents. The issue is mitigated by upgrading CKAN to 2.10.10 or 2.11.5 (or n...
Important: nginx
Issue Overview: When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the...
CVE-2019-25646 Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an...
EUVD-2026-3297
Mailpit has an SMTP Header Injection via Regex Bypass...
OESA-2025-2526 netty security update
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients.
PT-2025-42370
Name of the Vulnerable Software and Affected Versions: Netty versions prior to 4.1.128.Final and 4.2.7.Final. Description: Netty is an asynchronous, event-driven network application framework. An SMTP command injection vulnerability exists in the SMTP codec due to insufficient input validation for...
EUVD-2002-2059
Malware in sbrugna...
EUVD-2002-2100
Malware in sbrugna...
EUVD-2004-2320
Malware in sbrugna...
EUVD-1999-1024
Malware in sbrugna...
EUVD-2006-3212
Malware in sbrugna...
EUVD-2023-36725
Malicious code in bioql PyPI...
EUVD-2024-40179
Malicious code in bioql PyPI...
EUVD-2023-28009
Malicious code in bioql PyPI...
EUVD-2024-0681
Malicious code in bioql PyPI...
Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.8 Images Security Update
New images are available for Red Hat build of Keycloak 26.2.8 and Red Hat build of Keycloak 26.2.8 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat...
CVE-2025-0957
The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
CVE-2025-0918
The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that wi...
Exploit for OS Command Injection in Zimbra Collaboration
CVE-2024-45519 is a high-risk vulnerability in...
CVE-2024-50530
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server. This issue affects Stars SMTP Mailer: from n/a through 1.7...