swiftmailer/swiftmailer is vulnerable to Command Injection. The vulnerability is due to improper handling of the βFromβ header when it comes from a non-trusted source and when no βReturn-Pathβ is configured, which allows an attacker to execute arbitrary shell commands.