CVE-2026-43861

CVSS v3.1

3.7

Low

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

mutt before 2.3.2 does not check for '0' in url pct decode.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2026-43861

Mutt