RUSTSEC-2026-0141

TLS hostname verification disabled when using Boring TLS backend

Reported

May 14, 2026

Issued

May 14, 2026

Package

lettre (crates.io)

Type

Vulnerability

Categories

crypto-failure

Keywords

#tls #smtp #mitm

Aliases

GHSA-4pj9-g833-qx53

References

https://github.com/lettre/lettre/security/advisories/GHSA-4pj9-g833-qx53

CVSS Score

9.1 CRITICAL

CVSS Details

Attack Complexity: Low
Attack Requirements: Present
Attack Vector: Network
Privileges Required: None
Availability Impact to the Subsequent System: None
Confidentiality Impact to the Subsequent System: Low
Integrity Impact to the Subsequent System: Low
User Interaction: None
Availability Impact to the Vulnerable System: None
Confidentiality Impact to the Vulnerable System: High
Integrity Impact to the Vulnerable System: High

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N

Patched

>=0.11.22

Unaffected

<0.10.1

Description

An inverted-boolean bug in lettre's boring-tls integration silently disables TLS hostname verification for callers using the default (strict) configuration. An on-path attacker presenting any chain-valid certificate for any domain can intercept SMTP submission, including PLAIN/LOGIN credentials and message contents, against any lettre user built with the boring-tls feature. Other TLS backends (native-tls, rustls) are unaffected.

The bug was introduced in v0.10.1 and persists through v0.11.21 (latest).

Advisory available under CC0-1.0 license.