Mailman Incorrect Authorization Vulnerability - CVE-2025-43921 - Vulnerability Database

Mailman Incorrect Authorization Vulnerability - CVE-2025-43921

Medium

Reference: CVE-2025-43921

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-43921

Title: Mailman Incorrect Authorization Vulnerability

Overview:

GNU Mailman 2.1.39 as bundled in cPanel (and WHM) allows unauthenticated attackers to create lists via the /mailman/create endpoint.