CVE-2016-1000282
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.
9.8CVSS
9.6AI Score
0.008EPSS