CRITICAL
Thales CERT
CVE published 2026-07-13
CVE-2026-13014
A critical vulnerability, named 'Matryoshka Mail', was discovered in Thales CERT 'Suspicious' application version <= 1.3.4. This vulnerability allows a remote and unauthenticated attacker to execute arbitrary code and overwrite writable application files, leading to a persistent denial of service, potential compromise of application secrets or integrations, and root-level execution inside the Django appli [truncated]