VYPR

Stalwart

by Stalwartlabs

Source repositories

CVEs (3)

  • CVE-2025-61600HigOct 2, 2025
    risk 0.49cvss 7.5epss 0.01

    Stalwart is a mail and collaboration server. Versions 0.13.3 and below contain an unbounded memory allocation vulnerability in the IMAP protocol parser which allows remote attackers to exhaust server memory, potentially triggering the system's out-of-memory (OOM) killer and…

  • CVE-2025-59045HigSep 10, 2025
    risk 0.39cvss epss 0.00

    Stalwart is a mail and collaboration server. Starting in version 0.12.0 and prior to version 0.13.3, a memory exhaustion vulnerability exists in Stalwart's CalDAV implementation that allows authenticated attackers to cause denial-of-service by triggering unbounded memory…

  • CVE-2026-26312Feb 19, 2026
    risk 0.00cvss epss 0.00

    Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested `message/rfc822` MIME parts via IMAP or JMAP causes excessive CPU…