Postalserver Postal
2 CVEs affecting Postalserver Postal. Latest disclosed: 2026-03-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25529 | High | 8.1 | 2026-03-12 | Postal is an open source SMTP server. Postal versions less than 3.3.5 had a HTML injection vulnerability that allowed unescaped data to be included in the admi… |
CVE-2024-27938 | Medium | 5.3 | 2024-03-11 | Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed… |