mailcow Summary

Latest vulnerabilities published by mailcow

17 July 2025

12 February 2025

28 January 2025

5 August 2024

4 April 2024

2 February 2024

30 November 2023

7 June 2023

4 March 2023

27 September 2022

11 July 2022

20 May 2022

14 May 2017

No more vulnerabilities to load.

mailcow Summary

Vulnerability Published:

Sort By:

17 July 2025

Server-Side Template Injection Vulnerability in Mailcow by Mailcow

12 February 2025

Security Flaw in Mailcow's Password Reset Feature Affects Users

28 January 2025

Session Fixation Issue in Mailcow Web Panel

5 August 2024

JavaScript Payload Injection Vulnerability in Dockerized Groupware/Email Suite

Unauthorized JavaScript injection in API logs could lead to malicious actions and data theft

Bypass of 2FA Protection in Mailcow's Dockerized Groupware/Email Suite

4 April 2024

Mailcow Vulnerability Affects Prior Versions, Patch Released

Mailcow Vulnerability Affects Prior Versions, Pose Significant Security Risk

2 February 2024

Mailcow Docker Container Exposure to Local Network

mailcow ipixel flood attack leads to Denial of Service in admin page

30 November 2023

mailcow-dockerized XSS Vulnerability in Quarantine UI Allows Unauthorized Access and Data Manipulation

7 June 2023

Manipulation of Internal Dovecot Variables in mailcow via crafted Passwords

4 March 2023

mailcow is vulnerable to shell command injection via xoauth2 authentication in imapsync

27 September 2022

mailcow-dockerized critical information misrepresentation can lead to phishing attacks through Swagger UI

11 July 2022

OS Command Injection in mailcow

20 May 2022

OS Command Injection Vulnerability in Mailcow by Mailcow

14 May 2017

CSRF Vulnerability in Mailcow: Dockerized by Mailcow

Vulnerability Published:

Sort By:

17 July 2025

Server-Side Template Injection Vulnerability in Mailcow by Mailcow

12 February 2025

Security Flaw in Mailcow's Password Reset Feature Affects Users

28 January 2025

Session Fixation Issue in Mailcow Web Panel

5 August 2024

JavaScript Payload Injection Vulnerability in Dockerized Groupware/Email Suite

Unauthorized JavaScript injection in API logs could lead to malicious actions and data theft

Bypass of 2FA Protection in Mailcow's Dockerized Groupware/Email Suite

4 April 2024

Mailcow Vulnerability Affects Prior Versions, Patch Released

Mailcow Vulnerability Affects Prior Versions, Pose Significant Security Risk

2 February 2024

Mailcow Docker Container Exposure to Local Network

mailcow ipixel flood attack leads to Denial of Service in admin page

30 November 2023

mailcow-dockerized XSS Vulnerability in Quarantine UI Allows Unauthorized Access and Data Manipulation

7 June 2023

Manipulation of Internal Dovecot Variables in mailcow via crafted Passwords

4 March 2023

mailcow is vulnerable to shell command injection via xoauth2 authentication in imapsync​

27 September 2022

mailcow-dockerized critical information misrepresentation can lead to phishing attacks through Swagger UI

11 July 2022

OS Command Injection in mailcow

20 May 2022

OS Command Injection Vulnerability in Mailcow by Mailcow

14 May 2017

CSRF Vulnerability in Mailcow: Dockerized by Mailcow

mailcow is vulnerable to shell command injection via xoauth2 authentication in imapsync