CVE-2026-25602

Summary

Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Affected Software

VendorProductVersion RangeStatus
MesalvoMeona Client Launcher Component0 <= 19.06.2020 15:11:49affected
MesalvoMeona Server Component0 <= 2025.04 5+323020affected

Weaknesses

  • CWE-345: CWE-345: Insufficient Verification of Data Authenticity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References