VDB
WID-SEC-W-2026-0018
WID-SEC-W-2026-0018
PUBLISHED
Mailpit ist ein Open-Source-E-Mail-Testwerkzeug, das als lokaler SMTP-Server zum Auffangen und Anzeigen von E-Mails dient, ohne diese tatsächlich zu versenden.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source MailPit <1.28.1 | ||
| SUSE Linux | ||
| Open Source MailPit 1.28.1 |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0018.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0018 (circl)
- https://github.com/advisories/GHSA-8v65-47jx-7mfr (circl)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S6MPOAT7Z4E254P53LGGBZCRYZ4MUW55/ (circl)
- CVE-2026-21859.yaml (github-poc)
- 2026.xml (github-poc)
- 2026.xml (github-poc)
- cve_2026_21859.py (github-poc)
- Nuclei Template: CVE-2026-21859 (nuclei-template)
Timeline
- Jan 6, 2026 CVE Published
- Jan 19, 2026 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0018.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0018 advisory
- https://github.com/advisories/GHSA-8v65-47jx-7mfr url
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S6MPOAT7Z4E254P53LGGBZCRYZ4MUW55/ url