EIP-2026-100961

PRE-CVE

McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100961. PoCs published by Nahuel Grisolia.

AI-analyzed exploit summary This is an advisory describing an internal information disclosure vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1. The vulnerability allows local users to read files containing usernames and other internal information via the CLI.

Description

McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure

Exploits (1)

exploitdb WRITEUP

by Nahuel Grisolia · textlocalfreebsd

https://www.exploit-db.com/exploits/12091

View Code ZIP pw:eip

This is an advisory describing an internal information disclosure vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1. The vulnerability allows local users to read files containing usernames and other internal information via the CLI.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: McAfee Email Gateway (formerly IronMail) ver.6.7.1

Auth required

Prerequisites: Local access to the CLI

MITRE ATT&CK

T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026