Net\/mail CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-42499	2 Go Standard Library, Golang	2 Net\/mail, Go	2026-05-13	7.5 High
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
CVE-2024-24784	2 Go Standard Library, Redhat	14 Net\/mail, Advanced Cluster Security, Ceph Storage and 11 more	2026-04-15	7.5 High
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.

Page 1 of 1.