Every CVE whose affected-product data names Useplunk Plunk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-32096 — CVSS 9.3 (critical): Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.0, a Server-Side Request Forgery (SSRF) vulnerability existed…
CVE-2026-34975 — CVSS 8.5 (high): Plunk is an open-source email platform built on top of AWS SES. Prior to 0.8.0, a CRLF header injection vulnerability was discovered in…
CVE-2026-32095 — CVSS 5.4 (medium): Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.1, Plunk's image upload endpoint accepted SVG files, which…