High severity8.1NVD Advisory· Published Apr 16, 2026· Updated Apr 18, 2026
CVE-2026-41113
CVE-2026-41113
Description
sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.openwall.com/lists/oss-security/2026/04/18/5nvd
- blog.calif.io/p/we-asked-claude-to-audit-sagredosnvd
- github.com/califio/publications/tree/main/MADBugs/qmailnvd
- github.com/sagredo-dev/qmail/commit/749f607f6885e3d01b36f2647d7a1db88f1ef741nvd
- github.com/sagredo-dev/qmail/pull/42nvd
- github.com/sagredo-dev/qmail/releases/tag/v2026.04.07nvd
News mentions
0No linked articles in our index yet.