Skip to main content

Extension Mailqueue

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-1323 PHP MEDIUM PATCH This Month

Unsafe deserialization in TYPO3's mail transport extension permits arbitrary code execution when an attacker with write access to the configured spool directory supplies malicious serialized objects during transport failure handling. The vulnerability stems from inadequate class whitelisting during deserialization and requires local filesystem access to exploit. No patch is currently available.

Deserialization Extension Mailqueue
NVD GitHub VulDB
CVSS 4.0
5.2
EPSS
0.0%
CVE-2026-1323 PHP
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Unsafe deserialization in TYPO3's mail transport extension permits arbitrary code execution when an attacker with write access to the configured spool directory supplies malicious serialized objects during transport failure handling. The vulnerability stems from inadequate class whitelisting during deserialization and requires local filesystem access to exploit. No patch is currently available.

Deserialization Extension Mailqueue
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy