Stalwart

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-26312 MEDIUM POC This Month

Denial-of-service in Stalwart Mail Server versions 0.13.0 through 0.15.4 allows authenticated users to crash the server by sending a specially crafted email with malformed nested MIME parts through IMAP or JMAP, triggering infinite loops and resource exhaustion. The vulnerability requires valid credentials to exploit and public exploit code exists, but no patch is currently available for affected versions.

Denial Of Service Stalwart

NVD GitHub

CVSS 3.1

6.5

EPSS

0.0%

CVE-2026-26312

EPSS 0% CVSS 6.5

MEDIUM POC This Month

Denial-of-service in Stalwart Mail Server versions 0.13.0 through 0.15.4 allows authenticated users to crash the server by sending a specially crafted email with malformed nested MIME parts through IMAP or JMAP, triggering infinite loops and resource exhaustion. The vulnerability requires valid credentials to exploit and public exploit code exists, but no patch is currently available for affected versions.

Denial Of Service Stalwart

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy