CVE-2026-43964: Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash v

Description

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.

Affected Products

Vendor	Product	Versions
postfix	postfix	2.3, 3.9, 3.10, 3.8.15, 3.9.9, 3.10.8

References

https://www.mail-archive.com/postfix-announce@postfix.org/msg00110.html

Related News (1 articles)

Tier C

VulDB1h ago

CVE-2026-43964 | Postfix up to 3.8.15/3.9.9/3.10.8 off-by-one

→ No new info (linked only)

CVE-2026-43964: Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash v

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (1)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History