Vulnerability Description
When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canarymail | Canary Mail | <= 5.1.40 |
Related Weaknesses (CWE)
References
- http://canary.comBroken Link
- http://canarymail.comBroken Link
- https://drive.google.com/file/d/14wrTzvcLPfFsWmy-SAtDwwZKKPssBsx5/viewExploit
- https://github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319ExploitThird Party Advisory
- https://github.com/nickvourd/RTI-ToolkitNot Applicable
- https://github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319ExploitThird Party Advisory
FAQ
What is CVE-2025-65318?
CVE-2025-65318 is a vulnerability with a CVSS score of 9.1 (CRITICAL). When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file pro...
How severe is CVE-2025-65318?
CVE-2025-65318 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-65318?
Check the references section above for vendor advisories and patch information. Affected products include: Canarymail Canary Mail.