Mailman Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2025-43920
Reference:
CVE-2025-43920
Title:
Mailman Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.