Seungbeom Kim

**Name of the Vulnerable Software and Affected Versions** Heirloom mailx versions 12.5 and earlier BSD mailx versions 8.1.2 and earlier **Description** The issue allows remote attackers to execute arbitrary commands via shell metacharacters in an email address, specifically through the expand function in fio.c. **Recommendations** For Heirloom mailx versions 12.5 and earlier, update to a version later than 12.5 to resolve the issue. For BSD mailx versions 8.1.2 and earlier, update to a version later than 8.1.2 to resolve the issue. As a temporary workaround, consider restricting the use of email addresses that may contain shell metacharacters until a patch is available.