Security Advisory

CVE-2025-65318

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-16 00:00:00

Last updated 2025-12-17 18:52:10

Assigner mitre

State PUBLISHED

Description

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.

← Browse all CVEs View on cve.org ↗