Skip to main content

Net Mail CVE-2026-42499

| EUVDEUVD-2026-28432 HIGH
Creation of Immutable Text Using String Concatenation (CWE-1046)
2026-05-07 Go GHSA-xq5j-9r39-c3vf
7.5
CVSS 3.1 · Vendor: Go
Share

Severity by source

Vendor (Go) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative

Primary rating from Vendor (Go).

CVSS VectorVendor: Go

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
CVSS changed
May 08, 2026 - 22:22 NVD
7.5 (HIGH)
Patch available
May 07, 2026 - 21:02 EUVD
CVE Published
May 07, 2026 - 19:41 nvd
HIGH 7.5
CVE Published
May 07, 2026 - 19:41 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

Analysis

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

Vendor StatusVendor

SUSE

Severity: High
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS Affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS Affected
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS Affected

Share

CVE-2026-42499 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy