Return to CVE list

CVE-2025-43921

5.3
Medium

CVE-2025-43921

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

cve@mitre.org
https://code.launchpad.net/~mailman-coders/mailman/2.1
cve@mitre.org
https://github.com/0NYX-MY7H/CVE-2025-43921
cve@mitre.org
https://github.com/cpanel/mailman2-python3
cve@mitre.org
https://www.openwall.com/lists/oss-security/2025/04/21/6