CNNVD-202507-2665 Information

Jul 21, 2025 cve

CNNVD ID

CNNVD-202507-2665

CVE-2025-52373

  • CNNVD Published: 2025-07-21

Description (Chinese)

hMailServer是hMailServer开源的一个开源邮件服务器。 hMailServer 5.8.6版本和5.6.9-beta版本存在安全漏洞,该漏洞源于BlowFish.cpp中使用硬编码密钥,可能导致数据库连接密码被解密。

Description (English)

hMailServer is an open source mail server for hMailServer open source. hMailServer 5.8.6 and 5.6.9-beta have a security loophole, which stems from the use of hard coded keys in BlowFish.cpp, which may lead to the decryption of the password for the database connection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

hMailServer

Published

2025-07-21

Last Modified

2026-02-24

References

https://github.com/mojibake-dev/mojibake-CVE/blob/main/hMailServer/CVE-2025-52373.md https://github.com/mojibake-dev/hMailEnum https://github.com/hmailserver/hmailserver https://access.redhat.com/security/cve/cve-2025-52373 https://vigilance.fr/vulnerability/hMailServer-three-vulnerabilities-dated-22-07-2025-47774

Share on: