CVE-2026-26312
Received Received - Intake
Denial-of-Service in Stalwart Mail Server via Malformed MIME

Publication date: 2026-02-19

Last updated on: 2026-02-20

Assigner: GitHub, Inc.

Description
Stalwart is a mail and collaboration server. A denial-of-service vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4 where accessing a specially crafted email containing malformed nested `message/rfc822` MIME parts via IMAP or JMAP causes excessive CPU and memory consumption, potentially leading to an out-of-memory condition and server crash. The malformed structure causes the `mail-parser` crate to produce cyclical references in its parsed representation, which Stalwart then follows indefinitely. Version 0.15.5 contains a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-19
Last Modified
2026-02-20
Generated
2026-05-07
AI Q&A
2026-02-19
EPSS Evaluated
2026-05-05
NVD
CVE-2026-26312
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
stalw stalwart From 0.13.0 (inc) to 0.15.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade Stalwart Mail Server to version 0.15.5 or later, which contains the patch addressing the denial-of-service issue caused by malformed nested message/rfc822 MIME parts.


Can you explain this vulnerability to me?

This vulnerability exists in Stalwart Mail Server versions 0.13.0 through 0.15.4. It is a denial-of-service issue triggered when the server accesses a specially crafted email containing malformed nested message/rfc822 MIME parts via IMAP or JMAP protocols. The malformed structure causes the mail-parser component to create cyclical references in its parsed data, which the server then follows indefinitely, leading to excessive CPU and memory usage.

This excessive resource consumption can cause the server to run out of memory and crash, disrupting mail services. The issue is fixed in version 0.15.5.


How can this vulnerability impact me? :

The primary impact of this vulnerability is a denial-of-service condition on the Stalwart Mail Server. An attacker can send a specially crafted email that causes the server to consume excessive CPU and memory resources, potentially crashing the server.

This can lead to mail service outages, affecting availability and potentially disrupting business communications.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart