Useplunk

Plunk

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2026-34975

  • EPSS 0.04%
  • Veröffentlicht 06.04.2026 16:10:05
  • Zuletzt bearbeitet 07.04.2026 13:20:11

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.8.0, a CRLF header injection vulnerability was discovered in SESService.ts, where user-supplied values for from.name, subject, custom header keys/values, and attachment filena...

8.6

CVE-2026-32096

  • EPSS 0.08%
  • Veröffentlicht 11.03.2026 19:53:39
  • Zuletzt bearbeitet 16.03.2026 17:00:18

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.0, a Server-Side Request Forgery (SSRF) vulnerability existed in the SNS webhook handler. An unauthenticated attacker could send a crafted request that caused the server to ...

5.4

CVE-2026-32095

  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 19:52:15
  • Zuletzt bearbeitet 16.03.2026 17:10:07

Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.1, Plunk's image upload endpoint accepted SVG files, which browsers treat as active documents capable of executing embedded JavaScript, creating a stored XSS vulnerability. ...