Browse all 5 CVE security advisories affecting stalwartlabs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Stalwartlabs develops enterprise security solutions focusing on threat detection and vulnerability management. Their products have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with five CVEs currently documented. The organization emphasizes automated security testing but has faced criticism for inconsistent patch release timelines. While no major public security incidents have been reported, their vulnerability history suggests a pattern of input validation flaws and insufficient access controls in web interfaces. Stalwartlabs continues to address these issues through regular security updates and enhanced coding practices to improve their product security posture.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-26312 | Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages | stalwart | CWE-770 | 6.5 | Medium | 2026-02-19 |
| CVE-2025-61600 | Unbounded Memory Allocation in Stalwart IMAP parser | stalwart | CWE-400 | 7.5 | High | 2025-10-02 |
| CVE-2025-59045 | Stalwart vulnerable to Memory Exhaustion via CalDAV Event Expansion | stalwart | CWE-770 | 6.5 (AI) | Medium (AI) | 2025-09-10 |
| CVE-2024-35187 | Stalwart Mail Server has privilege escalation by design | mail-server | CWE-863 | 9.1 | Critical | 2024-05-16 |
| CVE-2024-35179 | Unprivileged Stalwart Mail Server user can read files as root | mail-server | CWE-271 | 6.8 | Medium | 2024-05-15 |
This page lists every published CVE security advisory associated with stalwartlabs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.