CVE-2026-23829 PoC — Mailpit 安全漏洞

Source

https://github.com/SimoesCTT/CTT-Mailpit-RCE-v1.0---Temporal-Resonance-Mail-Server-Takeover

Associated Vulnerability

Title:Mailpit 安全漏洞 (CVE-2026-23829)
Description:Mailpit是Ralph Slooten个人开发者的一个电子邮件测试工具。 Mailpit 1.28.3之前版本存在安全漏洞，该漏洞源于验证RCPT TO和MAIL FROM地址的正则表达式不足，可能导致标头注入。

Description

FROM HEADER INJECTION TO FULL RCE DOMINANCE  The Original Flaw (CVE-2026-23829)  · CVSS: 6.1/10 (Medium) - Header injection via regex bypass · Impact: Email spoofing, limited header manipulation · Reality: Boring, basic, barely worth weaponizing  CTT Enhancement Revelation

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!