CVE-2025-43920 | GNU Mailman 2.1.39 Email Subject os command injection

April 20, 2025 Yanac

A vulnerability was found in GNU Mailman 2.1.39. It has been classified as critical. This affects an unknown part of the component Email Subject Handler. The manipulation leads to os command injection.

This vulnerability is uniquely identified as CVE-2025-43920. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-43921 | GNU Mailman 2.1.39 List /mailman/create authorization
CVE-2025-43919 | GNU Mailman 2.1.39 Private Archive Authentication Endpoint /Mailman/private/Mailman Username path traversal