CNNVD-202512-2873 Information

CNNVD ID

CNNVD-202512-2873

Related CVE

CVE-2025-65318

• CNNVD Published: 2025-12-16

Description (Chinese)

Canary Mail是美国Canary Mail公司的一个电子邮件客户端应用。 Canary Mail 5.1.40及之前版本存在安全漏洞，该漏洞源于保存文档时未添加Mark-of-the-Web标签，可能导致绕过文件保护机制。

Description (English)

Canary Mail is an e-mail client application for the United States company Canary Mail. There is a security loophole in Canary Mail 5.1.40 and previous versions, which stems from the fact that the document was saved without the Mark-of-the-Web label, which could lead to circumventing the file protection mechanism.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-16

Last Modified

2026-02-24

References

http://canary.com http://canarymail.com https://drive.google.com/file/d/14wrTzvcLPfFsWmy-SAtDwwZKKPssBsx5/view https://github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319 https://github.com/nickvourd/RTI-Toolkit