Vulnerabilities > GFI > Mailessentials > 20.2

DATE CVE VULNERABILITY TITLE RISK
2025-04-28 CVE-2025-34491 Deserialization of Untrusted Data vulnerability in GFI Mailessentials
GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue.
network
low complexity
gfi CWE-502
8.8
8.8
2025-04-28 CVE-2025-34489 Deserialization of Untrusted Data vulnerability in GFI Mailessentials
GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue.
local
low complexity
gfi CWE-502
7.8
7.8
2025-04-28 CVE-2025-34490 XXE vulnerability in GFI Mailessentials
GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue.
network
low complexity
gfi CWE-611
6.5
6.5