EUVD-2026-34087

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

PT-2026-45948

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when fail silently=True, which allows on-path network attackers to read...

Astra Linux - уязвимость в dovecot

The submission service in Dovecot before 2.3.15 allowed for STARTTLS command injection in the lib-smtp library. Sensitive information could be redirected to an address controlled by the attacker...

Astra Linux - уязвимость в thunderbird

During the plaintext phase of the STARTTLS connection setup, protocol commands could be injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017525)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017525 advisory. An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unkno...

Improper Enforcement of Behavioral Workflow

Overview Affected versions of this package are vulnerable to Improper Enforcement of Behavioral Workflow via the starttls function. An attacker can intercept and manipulate the communication by injecting a crafted response before the client completes sending the command, causing the connection to...

Astra Linux - уязвимость в exim4

The STARTTLS feature in Exim up to 4.94.2 allows for response injection buffering during MTA SMTP sending...

CVE-2026-41319

MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...

CVE-2026-41319

MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...

EUVD-2026-25388

MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the internal stream buffers SmtpStream, ImapStream, and Pop3Stream not being flushed during the STARTTLS upgrade process. An attacker c...

GHSA-9J88-VVJ5-VHGR MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade

Summary A STARTTLS Response Injection vulnerability in MailKit allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication mechanism downgrade e.g., forcing PLAIN instead of SCRAM-SHA-256. The internal read...

GO-2026-4484 Traefik: TCP readTimeout bypass via STARTTLS on Postgres in github.com/traefik/traefik

Traefik: TCP readTimeout bypass via STARTTLS on Postgres in github.com/traefik/traefik...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the STARTTLS component. An attacker can cause resource exhaustion by sending a specially crafted request and stalling the connection, which bypasses configured read timeouts and...

MiracleLinux 8 : bogofilter-1.2.5-2.el8, evolution-data-server-3.28.5-14.el8, evolution-mapi-3.28.3-3.el8, evolution-3.28.5-14.el8, openchange-2.3-26.el8 (AXSA:2021-1388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1388:01 advisory. evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 Tenable has extracted the preceding description block directly from th...

TencentOS Server 3: evolution (TSSA-2022:0095)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0095 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.

...

Linux Distros Unpatched Vulnerability : CVE-2013-4584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not...

UBUNTU-CVE-2024-34083

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

CVE-2020-29547

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure...