Postorius Project Postorius — known CVE vulnerabilities
Every CVE whose affected-product data names Postorius Project Postorius, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-44742 — CVSS 7.2 (high): Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the…
CVE-2021-40347 — CVSS 5.4 (medium): An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted…