Every CVE whose affected-product data names Maddy Project Maddy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-27582 — CVSS 9.1 (critical): maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication…
CVE-2026-40193 — CVSS 8.2 (high): maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module…
CVE-2022-24732 — CVSS 6.3 (medium): Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or…