Attackers could leverage a pair of medium-severity vulnerabilities in the Mailcow open-source mail server software older than version 2024-04 to facilitate arbitrary code execution, account takeovers, and sensitive data access, reports The Hacker News.