CVE-2025-65319

Description

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software.

PUBLISHED Reserved 2025-11-18 | Published 2025-12-16 | Updated 2025-12-17 | Assigner mitre

References

github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319 exploit

blue.com

github.com/nickvourd/RTI-Toolkit

github.com/rip1s/CVE-2017-11882

drive.google.com/...d/1dVzXuHBk3B1DiFpwFYwj2NNjeKGnGSwT/view

github.com/bbaboha/CVE-2025-65318-and-CVE-2025-65319

cve.org (CVE-2025-65319)

nvd.nist.gov (CVE-2025-65319)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.