High severity7.4NVD Advisory· Published Feb 17, 2021· Updated Jun 17, 2026
CVE-2021-26911
CVE-2021-26911
Description
core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Canary Mail/Canary Maildescription
- Range: <3.22
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2021/02/17/3nvdMailing ListPatchThird Party Advisory
- github.com/canarymail/mailcore2/commit/45acb4efbcaa57a20ac5127dc976538671fce018nvdPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2021/02/17/3nvdMailing ListPatchThird Party Advisory
- census-labs.com/news/2021/02/17/canary-mail-app-missing-certificate-validation-check-on-imap-starttls/nvdExploitThird Party Advisory
- apps.apple.com/us/app/canary-mail/id1236045954nvdProductThird Party Advisory
- census-labs.com/news/category/advisories/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.