Detections
Analytics

CVE-2026-23845

medium

Description

Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery (SSRF) via HTML Check CSS Download. The HTML Check feature (`/api/v1/message/{ID}/html-check`) is designed to analyze HTML emails for compatibility. During this process, the `inlineRemoteCSS()` function automatically downloads CSS files from external `<link rel="stylesheet" href="...">` tags to inline them for testing. Version 1.28.3 fixes the issue.

References

https://github.com/axllent/mailpit/security/advisories/GHSA-6jxm-fv7w-rw5j

https://github.com/axllent/mailpit/releases/tag/v1.28.3

https://github.com/axllent/mailpit/commit/1679a0aba592ebc8487a996d37fea8318c984dfe

Details

Source: Mitre, NVD

Published: 2026-01-19

Updated: 2026-01-19

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Severity: Medium