Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Gfi Software
Mailessentials Ai

GFI Software MailEssentials AI Vulnerabilities: CVEs, CISA KEV & Security Advisories

18 CVEs

GFI Software MailEssentials AI Vulnerabilities

CVE security advisories and vulnerability history for MailEssentials AI by GFI Software.

18

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

0

Public exploits

With known exploit

5.4

Avg CVSS

2026–2026

Last updated February 19, 2026

Overview

GFI Software MailEssentials AI has 18 published CVE records since 2026, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 0 have a known public exploit. The average CVSS base score across scored CVEs is 5.4.

This page aggregates every publicly disclosed vulnerability (CVE) affecting GFI Software MailEssentials AI, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of GFI Software MailEssentials AI's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High0

Medium18

Low0

In CISA’s Known Exploited Vulnerabilities catalog

0

None of GFI Software MailEssentials AI's CVEs are currently listed in CISA's KEV catalog.

Public exploits

0

No GFI Software MailEssentials AI CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every GFI Software MailEssentials AI version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

22.418 CVEs

Find a version

18 CVEs

Sort

GFI MailEssentials AI < 22.4 ListServer.IsPathExist() Absolute Directory Traversal to File Enumeration
CVE-2026-23621
Patch
CWE-203
Medium · CVSS 5.3
EPSS 0.0% (13th pct)2026-02-19
GFI MailEssentials AI < 22.4 ListServer.IsDBExist() Absolute Directory Traversal to File Enumeration
CVE-2026-23620
Patch
CWE-203
Medium · CVSS 5.3
EPSS 0.0% (13th pct)2026-02-19
GFI MailEssentials AI < 22.4 General Settings Local Domains Domain Description Stored XSS
CVE-2026-23619
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS
CVE-2026-23618
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS
CVE-2026-23617
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Anti-Spoofing Description Stored XSS
CVE-2026-23616
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework Email Exceptions Description Stored XSS
CVE-2026-23615
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework IP Exceptions Description Stored XSS
CVE-2026-23614
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam URI DNS Blocklist Domain Stored XSS
CVE-2026-23613
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS
CVE-2026-23612
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam IP Blocklist Description Stored XSS
CVE-2026-23611
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS
CVE-2026-23610
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 General Settings Perimeter SMTP Servers Description Stored XSS
CVE-2026-23609
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Email Management Mail Monitoring Rule Stored XSS
CVE-2026-23608
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS
CVE-2026-23607
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Advanced Content Filtering Rule Stored XSS
CVE-2026-23606
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Attachment Filtering Rule Stored XSS
CVE-2026-23605
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19
GFI MailEssentials AI < 22.4 Keyword Filtering Rule Stored XSS
CVE-2026-23604
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.0% (14th pct)2026-02-19

Common weakness types

The CWE weakness categories most often found in GFI Software MailEssentials AI CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')16 CVEs
CWE-203Observable Discrepancy2 CVEs

Other GFI Software products

Browse vulnerabilities for other products by GFI Software.

HelpDesk5 CVEs Kerio Control3 CVEs GFIAgent service1 CVEs Kerio Control 9.4.51 CVEs

All GFI Software vulnerabilities

Frequently asked questions

Common questions about GFI Software MailEssentials AI vulnerabilities.

How many CVEs does GFI Software MailEssentials AI have?

GFI Software MailEssentials AI has 18 published CVE records since 2026.

How many GFI Software MailEssentials AI CVEs are in CISA KEV?

None of GFI Software MailEssentials AI's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for GFI Software MailEssentials AI vulnerabilities?

No GFI Software MailEssentials AI CVEs currently have a tracked public exploit in this dataset.

Which versions of GFI Software MailEssentials AI are affected?

1 distinct GFI Software MailEssentials AI version is named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in GFI Software MailEssentials AI CVEs?

GFI Software MailEssentials AI's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-203 (Observable Discrepancy).

What is the average severity of GFI Software MailEssentials AI CVEs?

The average CVSS base score across GFI Software MailEssentials AI's scored CVEs is 5.4.

References

All GFI Software vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track GFI Software MailEssentials AI vulnerabilities

Monitor new GFI Software MailEssentials AI vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Other products
FAQ
References