vulnerability

FreeBSD: VID-01f34a27-f560-11f0-bbdc-10ffe07f9334 (CVE-2026-23829): mail/mailpit -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jan 19, 2026	Jan 27, 2026	Jan 27, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jan 19, 2026

Added

Jan 27, 2026

Modified

Jan 27, 2026

Description

Mailpit author reports: Ensure SMTP TO & FROM addresses are RFC 5322 compliant and prevent header injection (GHSA-54wq-72mp-cq7c) Prevent Server-Side Request Forgery (SSRF) via HTML Check API (GHSA-6jxm-fv7w-rw5j)

Solution

freebsd-upgrade-package-mailpit

References

CVE-2026-23829
https://attackerkb.com/topics/CVE-2026-23829
CWE-93
CWE-150

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today