CVE-2025-53859 · cross-distro fix matrix

CVE-2025-53859: It was discovered that the nginx ngx_mail_smtp_module module incorrectly

Affects 2 Linux releases across 50 (distro × package) combinations. First disclosed: 2026-06-03.

Fix per ecosystem

Each block below is a distro release where CVE-2025-53859 has a known fix. Run the listed command on that distro to remediate.

Ubuntu bionic

Source: Ubuntu USN

nginx→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx
```
libnginx-mod-http-auth-pam→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-auth-pam
```
libnginx-mod-http-cache-purge→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-cache-purge
```
libnginx-mod-http-dav-ext→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-dav-ext
```
libnginx-mod-http-echo→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-echo
```
libnginx-mod-http-fancyindex→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-fancyindex
```
libnginx-mod-http-geoip→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-geoip
```
libnginx-mod-http-headers-more-filter→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-headers-more-filter
```
libnginx-mod-http-image-filter→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-image-filter
```
libnginx-mod-http-lua→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-lua
```
libnginx-mod-http-ndk→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-ndk
```
libnginx-mod-http-perl→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-perl
```
libnginx-mod-http-subs-filter→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-subs-filter
```
libnginx-mod-http-uploadprogress→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-uploadprogress
```
libnginx-mod-http-upstream-fair→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-upstream-fair
```
libnginx-mod-http-xslt-filter→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-xslt-filter
```
libnginx-mod-mail→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-mail
```
libnginx-mod-nchan→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-nchan
```
libnginx-mod-rtmp→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-rtmp
```
libnginx-mod-stream→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-stream
```
nginx-common→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-common
```
nginx-core→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-core
```
nginx-doc→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-doc
```
nginx-extras→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-extras
```
nginx-full→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-full
```
nginx-light→ fixed in1.14.0-0ubuntu1.11+esm2USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-light
```

Ubuntu focal

Source: Ubuntu USN

nginx→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx
```
libnginx-mod-http-auth-pam→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-auth-pam
```
libnginx-mod-http-cache-purge→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-cache-purge
```
libnginx-mod-http-dav-ext→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-dav-ext
```
libnginx-mod-http-echo→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-echo
```
libnginx-mod-http-fancyindex→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-fancyindex
```
libnginx-mod-http-geoip→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-geoip
```
libnginx-mod-http-geoip2→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-geoip2
```
libnginx-mod-http-headers-more-filter→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-headers-more-filter
```
libnginx-mod-http-image-filter→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-image-filter
```
libnginx-mod-http-lua→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-lua
```
libnginx-mod-http-ndk→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-ndk
```
libnginx-mod-http-perl→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-perl
```
libnginx-mod-http-subs-filter→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-subs-filter
```
libnginx-mod-http-uploadprogress→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-uploadprogress
```
libnginx-mod-http-upstream-fair→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-upstream-fair
```
libnginx-mod-http-xslt-filter→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-http-xslt-filter
```
libnginx-mod-mail→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-mail
```
libnginx-mod-nchan→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-nchan
```
libnginx-mod-rtmp→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-rtmp
```
libnginx-mod-stream→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y libnginx-mod-stream
```
nginx-common→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-common
```
nginx-core→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-core
```
nginx-doc→ fixed in1.18.0-0ubuntu1.7+esm1USN-8375-1
```
sudo apt-get install --only-upgrade -y nginx-doc
```

Are YOU affected by CVE-2025-53859?

5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan View on NVD

Continuous monitoring beats manual checking

CVE-2025-53859dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. $99 lifetime, 50 founder seats, 30-day refund.

See StackPatch ($99 lifetime)