Known Vulnerabilities for products from Postfix
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Postfix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-43964 json | Not Provided | 2026-05-04 | 2026-05-04 | |
| CVE-2026-41232 json | Not Provided | 2026-04-23 | 2026-04-23 | |
| CVE-2023-51764 json | 5.3 - MEDIUM | 2023-12-24 | 2024-01-30 | |
| CVE-2020-12063 json | ** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender v... | 5.3 - MEDIUM | 2020-04-24 | 2023-11-07 |
| CVE-2017-10140 json | Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privi... | 7.8 - HIGH | 2018-04-16 | 2020-07-15 |
| CVE-2012-0811 json | Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to e... | 6.5 - MEDIUM | 2014-10-01 | 2014-10-02 |
| CVE-2011-1720 json | The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus... | Not Provided | 2011-05-13 | 2026-04-29 |
| CVE-2011-0411 json | The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 d... | Not Provided | 2011-03-16 | 2026-04-29 |
| CVE-2009-2939 json | The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to ... | Not Provided | 2009-09-21 | 2026-04-23 |
| CVE-2008-4977 json | postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postf... | Not Provided | 2008-11-06 | 2026-04-23 |
| CVE-2008-3889 json | Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll fil... | Not Provided | 2008-09-12 | 2026-04-23 |
| CVE-2008-2937 json | Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recip... | Not Provided | 2008-08-18 | 2026-04-23 |
| CVE-2008-2936 json | Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports ha... | Not Provided | 2008-08-18 | 2026-04-23 |
Known software with vulnerabilities from Postfix
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Postfix | Postfix | 2.0.0 |