CVE-2026-44742
HIGH NVDCVSS Score
7.2
Severity
HIGH
Source
NVD
Published
May 07, 2026
Description
Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026.