What is CVE-2026-25602?

CVE-2026-25602 is a medium-severity vulnerability in Mesalvo Meona Client Launcher Component, classified under Insufficient Verification of Data Authenticity. CVSS score: 4.4/10. Published 2026-05-20.

How severe is CVE-2026-25602?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Vulnerability in Mesalvo Meona Client Launcher Component

CVE-2026-25602

Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Compo…

EPSS: 0.000 (0.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.

Affected products

Mesalvo Meona Client Launcher Component — versions 0
Mesalvo Meona Server Component — versions 0

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

References

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (third-party-advisory)

Frequently asked questions

What is CVE-2026-25602?: CVE-2026-25602 is a medium-severity vulnerability in Mesalvo Meona Client Launcher Component, classified under Insufficient Verification of Data Authenticity. CVSS score: 4.4/10. Published 2026-05-20.
How severe is CVE-2026-25602?: Medium severity. CVSS v3 base score is 4.4 out of 10.