Multiple vulnerabilities in Synology MailPlus Server (June 30, 2026)
Multiple vulnerabilities have been discovered in Synology MailPlus Server. Some of them allow an attacker to cause remote denial of service, data confidentiality breaches, and data integrity breaches.
CSIRTS triage
- What
- Multiple vulnerabilities could allow remote denial of service and data breaches.
- Who is affected
- Users of Synology MailPlus Server.
- Urgency
- Remediation is important due to the potential for service disruption and data breaches.
- Action
- Update to the latest version of Synology MailPlus Server.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch MailPlus Server
Get an email when a new MailPlus Server advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0819/
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-13135 | coverage & exploitation status | NVD · CVE.org |
| CVE-2025-15660 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-13136 | coverage & exploitation status | NVD · CVE.org |
More from CERT-FR Avis de sécurité
- unknownMultiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Ubuntu Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Progress MOVEit Transfer (July 10, 2026)2026-07-10
- unknownVulnerability in NetApp ONTAP 9 (July 10, 2026)2026-07-10
- unknownVulnerability in CPython (July 10, 2026)2026-07-10