CVE-2026-25602
CVSS Score
4.4
EPSS Score
0.0%
EPSS Percentile
0th
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address.Β This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.
| CWE | CWE-345 |
| Vendor | mesalvo |
| Product | meona client launcher component |
| Published | May 20, 2026 |
| Last Updated | May 20, 2026 |
Stay Ahead of the Next One
Get instant alerts for mesalvo meona client launcher component
Be the first to know when new medium vulnerabilities affecting mesalvo meona client launcher component are published β delivered to Slack, Telegram or Discord.
Get Free Alerts β
Free Β· No credit card Β· 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
Affected Versions
Mesalvo / Meona Client Launcher Component
0 β€ 19.06.2020 15:11:49
Mesalvo / Meona Server Component
0 β€ 2025.04 5+323020