Every CVE whose affected-product data names Maildrop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2005-2655 — CVSS 10.0 (critical): lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via…
CVE-2010-0301 — CVSS 6.9 (medium): main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a…