Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery (SSRF) via HTML Check CSS Download. The HTML Check feature (/api/v1/message/{ID}/html-check) is designed to analyze HTML emails for compatibility. During this process, the inlineRemoteCSS() function automatically downloads CSS files from external <link rel="stylesheet" href="..."> tags to inline them for testing. Version 1.28.3 fixes the issue.
{
"cwe_ids": [
"CWE-918"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23845.json",
"cna_assigner": "GitHub_M"
}{
"cpe": "cpe:2.3:a:axllent:mailpit:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.28.3"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}