VYPR

MDaemon Mail Server

by Alt N

CVEs (1)

  • CVE-2025-61084HigNov 5, 2025
    risk 0.46cvss 7.1epss 0.00

    MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets (<>) in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation,…