EIP-2026-109645

This writeup describes command injection vulnerabilities in MundiMail due to unsafe use of `system()` and `exec()` functions without proper input sanitization. It provides exploitation examples and basic mitigation steps.