This page aggregates publicly disclosed CVE and security risk information related to maildrop, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-0301 | main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file. | [email protected] | 6.9 | 0.42% | 2010-02-04 | 2026-04-29 |
| CVE-2005-2655 | lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments. | [email protected] | 10.0 | 1.48% | 2005-08-30 | 2026-04-16 |