Infinite Loop Vulnerability in Mutt Email Client by Mutt Development Team
CVE-2026-43863

3.7LOW

Key Information:

Vendor: Mutt
Status: Mutt
Vendor: CVE Published:; 4 May 2026

What is CVE-2026-43863?

Mutt, an email client, is susceptible to an infinite loop vulnerability located in the function data_object_to_stream within the file crypt-gpgme.c. This flaw can cause the application to hang indefinitely under certain conditions, potentially affecting system resources and user experience. Users are encouraged to update to version 2.3.2 or later for enhanced security and functionality.

Affected Version(s)

mutt 0 < 2.3.2

References

https://github.com/muttmua/mutt/commit/fdc04a171777327218...

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 4, 2026
Vulnerability Reserved
May 4, 2026

CVE-2026-43863 Data

JSON