github.com/axllent/mailpit is vulnerable to Denial of Service (DoS)
59
Medium Risk
Affected versions of this package contain a denial-of-service (DoS) vulnerability caused by insufficient limits when processing large or specially crafted email content. An attacker able to send a crafted email to a Mailpit instance could cause excessive memory consumption during message processing or rendering in the web interface, potentially leading to out-of-memory (OOM) conditions and crashing the application. This could allow a remote attacker to disrupt the availability of the service. The issue is addressed by introducing improved bounds checking and safeguards to prevent excessive memory usage when handling message data.
You are affected if you are using a version that falls within the vulnerable range.
github.com/axllent/mailpit is vulnerable to Denial of Service (DoS) in versions 1.0.0 - 1.29.2.
Upgrade the github.com/axllent/mailpit library to a patched version.
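One way to check a project against the range above, as an added example that is not code from Mailpit or from this advisory: it scans go.mod text for the module and reports the version when it lies within 1.0.0 - 1.29.2. Treating the range as inclusive, ignoring pre-release suffixes, and the function names and sample go.mod are assumptions; it also does not distinguish require blocks from exclude blocks.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Range stated in the advisory: 1.0.0 - 1.29.2, treated here as inclusive (assumption).
var lo, hi = [3]int{1, 0, 0}, [3]int{1, 29, 2}

// parseVersion reads the numeric core of a Go module version ("v1.27.0").
// Pre-release and pseudo-version suffixes after the patch number are ignored.
func parseVersion(s string) (v [3]int, ok bool) {
	n, err := fmt.Sscanf(s, "v%d.%d.%d", &v[0], &v[1], &v[2])
	return v, err == nil && n == 3
}

// less reports whether version a sorts before version b.
func less(a, b [3]int) bool {
	for i := range a {
		if a[i] != b[i] {
			return a[i] < b[i]
		}
	}
	return false
}

// AffectedVersion scans go.mod text and returns the required mailpit
// version when it falls inside the advisory's range.
func AffectedVersion(gomod string) (string, bool) {
	sc := bufio.NewScanner(strings.NewReader(gomod))
	for sc.Scan() {
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(sc.Text()), "require "))
		if len(f) < 2 || f[0] != "github.com/axllent/mailpit" {
			continue
		}
		if v, ok := parseVersion(f[1]); ok && !less(v, lo) && !less(hi, v) {
			return f[1], true
		}
	}
	return "", false
}

func main() {
	// Constructed go.mod for illustration; the version is a sample value.
	sample := "module example.com/app\n\nrequire (\n\tgithub.com/axllent/mailpit v1.27.0 // indirect\n)\n"
	fmt.Println(AffectedVersion(sample))
}
```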