CVE-2025-65319

Published
View on NVD ↗
CVSS v3
9.1
CRITICAL
CVSS v2
N/A
Affected
3
PROJECTS

Description

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.

rip1s/CVE-2017-11882
rip1s/CVE-2017-11882
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
GitHubGitHub
332
bbaboha/CVE-2025-65318-and-CVE-2025-65319
bbaboha/CVE-2025-65318-and-CVE-2025-65319
Insecure attachment handling when using Canary Mail or Blue mail
GitHubGitHub
3
nickvourd/RTI-Toolkit
nickvourd/RTI-Toolkit
Remote Template Injection Toolkit
GitHubGitHub
43