CVE-2025-65318
π¨ CRITICALWhen using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file pro...
Description
Request Expert ReviewWhen using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.
CVSS Scores
References
Additional Information
- Source
- cve@mitre.org
- State
- Undergoing analysis
Related CVEs
CVE-2026-1139
HIGHA vulnerability has been found in UTT θΏε 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The...
CVE-2026-1138
HIGHA flaw has been found in UTT θΏε 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can...
CVE-2026-1137
HIGHA vulnerability was detected in UTT θΏε 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formWebAuthGlobalConfig....
CVE-2026-1136
LOWA weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bCont...
CVE-2026-1135
MEDIUMA security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. T...
CVE-2026-1134
MEDIUMA vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown function of the file /admin/expenses.php. The ma...
Share CVE-2025-65318
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-65318 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!