Airmail has issued an update today to patch a vulnerability that security researchers said could let malicious third parties access email databases and read a user’s messages.
Airmail issues fix for security flaw that could let hackers read your email
Version 3.6 is rolling out on the App Store now
Version 3.6 is rolling out on the App Store now
Image: Airmail
is a Senior Producer on Decoder. Previously, he reported on the technology and gaming industries for more than a decade.
Security consulting firm Versprite outlined the issue in a blog post this morning, noting how Airmail 3 uses both a custom URL scheme and a so-called “deterministic” file system location for email messages for any given account. Using those two pieces of information, a hacker could theoretically retrieve every one of a user’s messages through a phishing scheme that relies on that custom URL scheme.
Airmail told The Verge that it’s already updated the app in the Mac App store and through its direct download beta program to address the issue, calling it a “very hypothetical” one. The version number is Airmail 3.6, and it should be rolling out over the course of the day if you don’t already have it now. The update is also listed on Airmail’s website, with the update note, “Potential URL Scheme Vulnerability Fix.”
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Most Popular
Most Popular
- Meta’s historic loss in court could cost a lot more than $375 million
- Apple raises the Mac Mini’s starting price
- How the internet’s favorite squirrel dad made the hottest camera app of 2026
- These reusable digital Polaroids are a clever way to cover a fridge in memories
- Anker’s discounted 2-in-1 USB-C cable is a great way to spend $15
