Axllent Mailpit
5 CVEs affecting Axllent Mailpit. Latest disclosed: 2026-02-25. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-22689 | Medium | 6.5 | 2026-01-10 | Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any ori… |
CVE-2026-27808 | Medium | 5.8 | 2026-02-25 | Mailpit is an email testing tool and API for developers. Prior to version 1.29.2, the Link Check API (/api/v1/message/{ID}/link-check) is vulnerable to Server-… |
CVE-2026-23845 | Medium | 5.8 | 2026-01-19 | Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery (SSRF) via HTML Check CSS Downl… |
CVE-2026-21859 | Medium | 5.8 | 2026-01-07 | Mailpit is an email testing tool and API for developers. Versions 1.28.0 and below have a Server-Side Request Forgery (SSRF) vulnerability in the /proxy endpoi… |
CVE-2026-23829 | Medium | 5.3 | 2026-01-18 | Mailpit is an email testing tool and API for developers. Prior to version 1.28.3, Mailpit's SMTP server is vulnerable to Header Injection due to an insufficien… |