Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-44742 | 1 Postorius Project | 1 Postorius | 2026-05-26 | N/A | 7.2 HIGH |
| Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026. | |||||
| CVE-2021-40347 | 1 Postorius Project | 1 Postorius | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place. | |||||