Product
Mailpit is vulnerable to an unauthenticated remote memory-exhaustion denial-of-service attack due to missing size limits on incoming SMTP DATA and HTTP requests, leading to unbounded memory and disk growth, potentially crashing the application.