CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34491

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.1%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2025-34491

Gfi » Mailessentials » Version: 20

cpe:2.3:a:gfi:mailessentials:20
Gfi » Mailessentials » Version: 20.1

cpe:2.3:a:gfi:mailessentials:20.1
Gfi » Mailessentials » Version: 20.2

cpe:2.3:a:gfi:mailessentials:20.2
Gfi » Mailessentials » Version: 20.3

cpe:2.3:a:gfi:mailessentials:20.3
Gfi » Mailessentials » Version: 21.0

cpe:2.3:a:gfi:mailessentials:21.0
Gfi » Mailessentials » Version: 21.1

cpe:2.3:a:gfi:mailessentials:21.1
Gfi » Mailessentials » Version: 21.2

cpe:2.3:a:gfi:mailessentials:21.2
Gfi » Mailessentials » Version: 21.3

cpe:2.3:a:gfi:mailessentials:21.3
Gfi » Mailessentials » Version: 21.4

cpe:2.3:a:gfi:mailessentials:21.4
Gfi » Mailessentials » Version: 21.5

cpe:2.3:a:gfi:mailessentials:21.5
Gfi » Mailessentials » Version: 21.6

cpe:2.3:a:gfi:mailessentials:21.6
Gfi » Mailessentials » Version: 21.7

cpe:2.3:a:gfi:mailessentials:21.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34491

Products

Pricing

Contact Us