CVE search results

1 – 10 of 47 results

Detailed view

Sort by:

CVE-2026-43864

Medium priority

Needs evaluation

(mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-43863

Medium priority

Needs evaluation

(mutt before 2.3.2 has an infinite loop in data_object_to_stream in cry ...)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-43862

Medium priority

Needs evaluation

(In mutt before 2.3.2, the imap_auth_gss security level is mishandled.)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-43861

Medium priority

Needs evaluation

(mutt before 2.3.2 does not check for '\0' in url_pct_decode.)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-43860

Medium priority

Needs evaluation

(mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for ...)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-43859

Medium priority

Needs evaluation

(mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMA ...)

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2024-49395

Low priority

Needs evaluation

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.

2 affected packages

neomutt, mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
neomutt	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Needs evaluation
mutt	Ignored	Ignored	Ignored	Ignored	Ignored

CVE-2024-49394

Low priority

Some fixes available 3 of 13

In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.

2 affected packages

mutt, neomutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Ignored	Ignored	Ignored	Ignored	Ignored
neomutt	Not affected	Fixed	Fixed	Fixed	Ignored

CVE-2024-49393

Low priority

Some fixes available 3 of 13

In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise...

2 affected packages

mutt, neomutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	Ignored	Ignored	Ignored	Ignored	Ignored
neomutt	Not affected	Fixed	Fixed	Fixed	Ignored

CVE-2023-4875

Medium priority

Fixed

Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12

1 affected package

mutt

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mutt	—	—	Fixed	Fixed	Fixed

Export to JSON

Results by page:

Search CVE reports