CVE-2026-0895 in Mailqueue Extensionthông tin

Tóm tắt

Bởi MITRE • 20/01/2026

The extension extends TYPO3’ FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 . Since the related fix is overwritten by the extension, using the extension with a patched TYPO3 core version still allows for Insecure Deserialization, because the affected vulnerable code was extracted from TYPO3 core to the extension. More information about this vulnerability can be found in the related TYPO3 Core Security Advisory TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 .

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

TYPO3

Đặt trước

13/01/2026

Tiết lộ

20/01/2026

Kiểm duyệt

được chấp nhận

mục

VDB-341929

CPE

sẵn sàng

CWE

CWE-502 (Đã xác nhận)

CVSS

6.3 (VulDB)

EPSS

0.00072

KEV

không

Các hoạt động

rất thấp

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-0895
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-0895
CVE Details	https://www.cvedetails.com/cve/CVE-2026-0895/

◂ Trước Tổng Quan Tiếp theo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!