VYPR
Unrated severityNVD Advisory· Published Apr 28, 2025· Updated Nov 19, 2025

GFI MailEssentials < 21.8 MultiNode Insecure Deserialization

CVE-2025-34491

Description

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Gfi/Mailessentialsllm-fuzzy2 versions
    <21.8+ 1 more
    • (no CPE)range: <21.8
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.