Medium severity5.3NVD Advisory· Published Nov 12, 2024· Updated Jun 26, 2026
CVE-2024-49395
CVE-2024-49395
Description
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- access.redhat.com/security/cve/CVE-2024-49395nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- github.com/neomutt/neomutt/issues/4223nvd
- github.com/neomutt/neomutt/pull/4221nvd
- github.com/neomutt/neomutt/pull/4227nvd
News mentions
0No linked articles in our index yet.