CVE-2026-7666 — Vulnetix

CVE-2026-7666 PUBLISHED CVSS 2.299999952316284 LOW

Potential unencrypted email transmission via STARTTLS in the SMTP backend

Risk Scores

CVSS v4.0

2.299999952316284

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products

Vendor	Product	Versions
djangoproject	Django

Bitnami	django	5.2.0, 6.0.0

Timeline

Jun 3, 2026 CVE Published
Jun 3, 2026 CVE Updated
Jun 4, 2026 Coalition ESS Score
Jun 7, 2026 Security Advisory

References

https://docs.djangoproject.com/en/dev/releases/security/ url
https://groups.google.com/g/django-announce url
https://nvd.nist.gov/vuln/detail/CVE-2026-7666 url
https://www.djangoproject.com/weblog/2026/jun/03/security-releases/ url

Open in Interactive Console →