CVE-2025-65318

Description

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.

PUBLISHED Reserved 2025-11-18 | Published 2025-12-16 | Updated 2025-12-17 | Assigner mitre

References

github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319 exploit

canary.com

canarymail.com

drive.google.com/...d/14wrTzvcLPfFsWmy-SAtDwwZKKPssBsx5/view

github.com/nickvourd/RTI-Toolkit

github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319

cve.org (CVE-2025-65318)

nvd.nist.gov (CVE-2025-65318)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.