Medium severity5.3NVD Advisory· Published Nov 12, 2024· Updated Jun 26, 2026
CVE-2024-49394
CVE-2024-49394
Description
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
5- access.redhat.com/security/cve/CVE-2024-49394nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- github.com/neomutt/neomutt/issues/4226nvd
- github.com/neomutt/neomutt/pull/4221nvd
- github.com/neomutt/neomutt/pull/4227nvd
News mentions
0No linked articles in our index yet.