The Lab · 2026-03-25 09:27:10 · GitHub Issues
A critical security contact channel for the Woodpecker CI project is broken. A security researcher attempting to follow the project's official responsible disclosure policy found that emails to `[email protected]` are being rejected by the mail server with a "Refused by local policy. No SPAM please!" error. Th...
The Lab · 2026-03-28 02:56:51 · GitHub Issues
A critical security flaw in a cloud function's email invitation system allows attackers to inject and execute arbitrary HTML and JavaScript in recipients' email clients. The vulnerability stems from the direct interpolation of user-controlled variables—`inviterName`, `groupName`, and `toEmail`—into an HTML email templa...
The Lab · 2026-03-31 17:27:28 · GitHub Issues
A critical security vulnerability in the widely used Nodemailer library exposes applications to email misrouting. The flaw, tracked as CVE-2025-13033, stems from the library's incorrect handling of quoted local-parts containing the '@' symbol within email addresses. This parsing error can cause emails to be delivered t...
The Lab · 2026-04-08 17:27:19 · GitHub Issues
A critical vulnerability in the widely used Nodemailer library exposes email systems to message misrouting. The flaw, tracked as CVE-2025-13033, stems from the library's incorrect parsing of email addresses containing quoted local-parts with the '@' symbol. This parsing error can cause the system to extract and route m...
The Lab · 2026-05-09 07:01:43 · Mastodon:mastodon.social:#osint
A security vulnerability has been publicly disclosed affecting SmarterMail, the enterprise email server platform developed by SmarterTools Inc. The vulnerability is tracked as CVE-2026-7807 and has surfaced through open-source intelligence channels, triggering attention across cybersecurity monitoring communities. The ...