Skip to content

Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)

Moderate severity GitHub Reviewed Published Apr 7, 2026 in nodemailer/nodemailer • Updated Apr 8, 2026
0 Open 0 Closed
Type
Filter by repository type
All
Public
Private
Internal
Sort
Sort by
Newest
Oldest

No open alerts for this advisory

Give feedback on Dependabot alerts