Primary

Context

Mutt NULL Pointer Dereference Vulnerability in Signature Summary Handling

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in Mutt versions prior to 2.3.2. The issue arises in the 'show_sig_summary' function, where a NULL key is not properly checked before being dereferenced. This oversight can lead to a crash when the error code indicates a missing public key.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition by crashing the application.

Remediation

Users can upgrade to Mutt version 2.3.2 or later to address this vulnerability.

Added: May 4, 2026, 7:29 AM

Updated: May 4, 2026, 7:29 AM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.3

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.3

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mutt NULL Pointer Dereference Vulnerability in Signature Summary Handling

Vulnerability

Impact

Remediation

Affected Products

mutt

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating