Remote Command Execution Vulnerability in Mutt and NeoMutt Email Clients
CVE-2018-14354

9.8CRITICAL

Key Information:

Vendor: Mutt
Status: Mutt; Neomutt
Vendor: CVE Published:; 17 July 2018

What is CVE-2018-14354?

An issue in Mutt and NeoMutt allows remote IMAP servers to execute arbitrary commands by utilizing backquote characters within mailbox commands. This vulnerability can lead to unauthorized execution of commands during subscription or unsubscription processes, posing significant risk to the security of user data.