CVE Catalog

CVE-2025-65318

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.48%

38th percentile - higher than 38% of all known CVEs

Summary

A vulnerability in Canary Mail 5.1.40 and earlier causes documents to be saved without a Mark-of-the-Web tag when using the attachment interaction functionality. This allows attackers to bypass built-in file protection mechanisms of Windows OS and third-party software.

Risk Assessment

The organization is at risk of executing malicious attachments without warning, potentially leading to malware infection, data leakage, or system compromise.

Recommendation

Immediately update Canary Mail to a version newer than 5.1.40. Until the update is applied, block attachments or use an alternative email client.

Original NVD description (English source)

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS