Medium severity6.5NVD Advisory· Published Nov 12, 2024· Updated Jun 26, 2026
CVE-2024-49393
CVE-2024-49393
Description
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
5- access.redhat.com/security/cve/CVE-2024-49393nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- github.com/neomutt/neomutt/issues/4223nvd
- github.com/neomutt/neomutt/pull/4221nvd
- github.com/neomutt/neomutt/pull/4227nvd
News mentions
0No linked articles in our index yet.