CVE-2026-22689

CVE-2026-22689 is a medium-severity vulnerability in Axllent Mailpit with a CVSS 3.x base score of 6.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-1385.

Key facts

Description

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking (CSWSH) vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally, establishes a WebSocket connection to the victim's Mailpit instance (default ws://localhost:8025). This allows the attacker to intercept sensitive data such as email contents, headers, and server statistics in real-time. This issue has been patched in version 1.28.2.

Frequently asked questions

What is CVE-2026-22689?
Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking (CSWSH) vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally, establishes a WebSocket connection to the victim's Mailpit instance (default ws://localhost:8025). This allows the attacker to intercept sensitive data such as email contents, headers, and server statistics in real-time. This issue has been patched in version 1.28.2.
How severe is CVE-2026-22689?
CVE-2026-22689 has a CVSS 3.x base score of 6.5, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and user interaction. Impact on confidentiality is high, integrity none, and availability none.
Is CVE-2026-22689 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (11th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2026-22689?
CVE-2026-22689 affects Axllent Mailpit. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2026-22689?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2026-22689 have an EU (EUVD) identifier?
Yes. CVE-2026-22689 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-1872.
When was CVE-2026-22689 published?
CVE-2026-22689 was published on 2026-01-10 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Axllent Mailpit

All CVEs affecting Axllent Mailpit →

Other CWE-1385 vulnerabilities

Browse all CWE-1385 vulnerabilities →