CVE-2026-50878
Received - Intake
BaseFortify

Publication date: 2026-06-15

Last updated on: 2026-06-15

Assigner: MITRE

Description
An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted request.
Meta Information
Published: 2026-06-15
Last Modified: 2026-06-15
Generated: 2026-06-16
AI Q&A: 2026-06-15
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
feuerhamster mailform 1.1.0
CWE ID Description
CWE-UNKNOWN
Executive Summary

CVE-2026-50878 is a vulnerability in Feuerhamster MailForm version 1.1.0 related to how the software handles file attachments during form submissions.

Specifically, temporary files created when processing uploaded attachments are not properly deleted after the email delivery process finishes or fails.

These leftover temporary files accumulate in the server's temporary directory because the application lacks cleanup rules for them.

Attackers can exploit this by repeatedly submitting crafted requests with attachments, causing many temporary files to build up.

Impact Analysis

The vulnerability can lead to a Denial of Service (DoS) condition by consuming excessive disk space on the server.

As temporary files accumulate without cleanup, the server's storage may fill up, potentially causing the application or server to crash or become unresponsive.

Additionally, sensitive data contained in these temporary files could be exposed if attackers gain access to the server's temporary directory.

Detection Guidance

This vulnerability can be detected by monitoring the server's temporary directory for an unusual accumulation of files created by the MailForm application during multipart form submissions.

Specifically, repeated failed form submissions to the /:target endpoint cause temporary files to remain and accumulate, which can be identified by checking the number and size of files in the temporary upload directory.

  • Use `ls -l /tmp` (or the equivalent for the temporary directory your deployment uses) to list files and check for a growing number of files related to MailForm uploads.
  • Use `find /tmp -type f -mtime -1` to list files modified within the last 24 hours, which may indicate ongoing exploitation.
  • Monitor disk usage with `du -sh /tmp` or similar commands to detect abnormal disk space consumption.

Mitigation Strategies

The immediate mitigation is to stop temporary files from accumulating, either by applying a patch or by using a workaround that ensures temporary upload files are cleaned up after processing.

Until a fix is applied, administrators should regularly monitor and manually clean the temporary directory to remove leftover files created by MailForm.

  • Implement a scheduled task or script to delete old temporary files related to MailForm uploads.
  • Restrict access to the temporary directory to prevent unauthorized access to sensitive data in leftover files.
  • Consider disabling or limiting the attachment upload feature in MailForm if possible until a patch is available.
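
The monitoring and scheduled-cleanup steps above can be combined in one script. This is an added example, not code from MailForm or from this advisory; the upload directory and the `upload_*` file-name pattern are placeholders that must be set to whatever your deployment actually uses.

```shell
#!/bin/sh
# Added example: report on and prune leftover upload temp files.
# ASSUMPTION: the directory and file-name pattern are placeholders; point
# them at wherever your MailForm deployment writes multipart uploads.

# Print "<count> <kilobytes>" for regular files in DIR matching PATTERN.
tmp_report() {
    dir=$1; pattern=$2
    # One dot per file, so odd file names cannot skew the count.
    count=$(find "$dir" -maxdepth 1 -type f -name "$pattern" \
        -exec printf '.' \; | wc -c)
    kb=$(find "$dir" -maxdepth 1 -type f -name "$pattern" \
        -exec du -k {} + | awk '{s += $1} END {print s + 0}')
    echo "$((count)) $kb"
}

# Delete matching regular files older than MAX_AGE_MIN minutes and print
# how many were removed. The age floor spares uploads still in flight.
tmp_cleanup() {
    dir=$1; pattern=$2; max_age_min=$3
    # Refuse arguments that could sweep unrelated files.
    case "$dir" in ''|/) echo "refusing directory '$dir'" >&2; return 2;; esac
    case "$pattern" in ''|'*') echo "refusing pattern '$pattern'" >&2; return 2;; esac
    case "$max_age_min" in ''|*[!0-9]*) echo "bad age '$max_age_min'" >&2; return 2;; esac
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    # -maxdepth 1 never descends; -type f skips symlinks and directories.
    find "$dir" -maxdepth 1 -type f -name "$pattern" -mmin +"$max_age_min" \
        -exec rm -f -- {} \; -exec printf '.' \; | wc -c | tr -d ' '
}

# Cron-style entry point (placeholder arguments):
#   sh mailform-tmp.sh /path/to/upload-tmp 'upload_*' 60
if [ "$#" -eq 3 ]; then
    echo "before (files KiB): $(tmp_report "$1" "$2")"
    echo "removed: $(tmp_cleanup "$1" "$2" "$3")"
fi
```

Run it as the account that owns the MailForm process so it can only remove that service's files, and alert on the reported count rather than relying on cleanup alone.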