CVE-2026-1323

EUVD-2026-12548
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at $GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_spool_filepath'].
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
cps-itmailqueue
𝑥
< 0.4.5
cps-itmailqueue
0.5.0 ≤
𝑥
< 0.5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://typo3.org/security/advisory/typo3-ext-sa-2026-005