CVE-2026-22689

MEDIUM EPSS 11.0%
Published Jan 10, 2026 · Modified Jun 17, 2026
6.5 CVSS 3.1
Medium

Description

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server accepted connections from any origin. Browsers attach an Origin header to the WebSocket handshake but do not themselves enforce a same-origin policy on it, so a server that does not validate that header is exposed to Cross-Site WebSocket Hijacking (CSWSH). An attacker can host a malicious website that, when visited by a developer running Mailpit locally, opens a WebSocket connection to the victim's Mailpit instance (default ws://localhost:8025) from the developer's own browser. The attacker's page then receives the same event stream the Mailpit UI receives, exposing sensitive data such as email contents, headers, and server statistics in real time. This issue has been patched in version 1.28.2.
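The two handshake policies described above, as an added illustration that is not Mailpit's own code and does not reproduce the actual patch: acceptAnyOrigin is the pre-1.28.2 behaviour (any Origin passes), and sameOriginOnly is a server-side check of the kind that closes a CSWSH hole, admitting an upgrade only when the Origin header names the host and port the request was addressed to. The request builder, the victim host localhost:8025, the origin https://evil.example and the extraOrigins parameter are constructed for the example; Mailpit's real configuration options and WebSocket path are not shown here.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// acceptAnyOrigin stands in for the vulnerable pre-1.28.2 policy described
// in the advisory: every Origin is accepted, so a page on https://evil.example
// visited by the developer can open ws://localhost:8025 and read events.
// (Illustrative reconstruction, not Mailpit's code.)
func acceptAnyOrigin(r *http.Request) bool {
	return true
}

// sameOriginOnly admits a WebSocket upgrade only when the browser-supplied
// Origin header names the same host (and port) the request was sent to.
// Requests with no Origin header come from non-browser clients (curl, SDKs)
// that a hostile web page cannot drive, so they are allowed through.
// A malformed or opaque Origin such as "null" (sandboxed iframe) fails closed.
// extraOrigins is an assumed hook for reverse-proxy deployments, not a
// Mailpit option.
func sameOriginOnly(r *http.Request, extraOrigins ...string) bool {
	origin := r.Header.Get("Origin")
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || u.Host == "" {
		return false
	}
	if strings.EqualFold(u.Host, r.Host) {
		return true
	}
	for _, allowed := range extraOrigins {
		if strings.EqualFold(origin, allowed) {
			return true
		}
	}
	return false
}

// newUpgradeRequest builds a constructed WebSocket upgrade request of the
// shape a browser sends to the developer's local Mailpit UI. An empty origin
// produces a request without an Origin header.
func newUpgradeRequest(host, origin string) *http.Request {
	r, _ := http.NewRequest(http.MethodGet, "http://"+host+"/", nil)
	r.Header.Set("Connection", "Upgrade")
	r.Header.Set("Upgrade", "websocket")
	if origin != "" {
		r.Header.Set("Origin", origin)
	}
	return r
}

func main() {
	victim := "localhost:8025"
	for _, o := range []string{"http://localhost:8025", "https://evil.example", "null", ""} {
		r := newUpgradeRequest(victim, o)
		fmt.Printf("Origin=%-24q accept-any=%-5v same-origin=%v\n",
			o, acceptAnyOrigin(r), sameOriginOnly(r))
	}
}
```

Comparing only the host, not the scheme, matches what common Go WebSocket libraries do by default; if the UI is served behind a reverse proxy under another name, that name has to be allowed explicitly rather than by reverting to the accept-anything policy.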

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
11.0%
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-1385 Missing Origin Validation in WebSockets

Affected Products 1

Vendor   Product   Version   Range
axllent  mailpit   *         <1.28.2

References 2

  • github.com https://github.com/axllent/mailpit/commit/6f1f4f34c98989fd873261018fb73830b30aec3f
    Patch
  • github.com https://github.com/axllent/mailpit/security/advisories/GHSA-524m-q5m7-79mm
    Exploit · Mitigation · Vendor Advisory

Remediation

  • github.com https://github.com/axllent/mailpit/commit/6f1f4f34c98989fd873261018fb73830b30aec3f
    Patch