EIP-2026-101040

PRE-CVE

McAfee Email Gateway (formerly IronMail) - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101040. PoCs published by Nahuel Grisolia.

AI-analyzed exploit summary This advisory describes a local denial-of-service vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1, where an attacker with CLI access can execute a fork bomb to exhaust system resources due to insecure ulimit settings. The issue is patched in version 6.7.2 Hotfix 2.

Description

McAfee Email Gateway (formerly IronMail) - Denial of Service

Exploits (1)

exploitdb WRITEUP

by Nahuel Grisolia · textdoshardware

https://www.exploit-db.com/exploits/12093

View Code ZIP pw:eip

This advisory describes a local denial-of-service vulnerability in McAfee Email Gateway (formerly IronMail) version 6.7.1, where an attacker with CLI access can execute a fork bomb to exhaust system resources due to insecure ulimit settings. The issue is patched in version 6.7.2 Hotfix 2.

Classification

Writeup 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: McAfee Email Gateway (formerly IronMail) ver.6.7.1

Auth required

Prerequisites: Local access to the CLI · Authenticated session

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026