CVE-2026-27851 (GCVE-0-2026-27851)
Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-05-12 15:06
CWE-235 - Improper Handling of Extra Parameters
| URL | Tags |
|---|---|
| https://documentation.open-xchange.com/dovecot/se… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Open-Xchange GmbH | OX Dovecot Pro | Affected: 0 , ≤ 3.1.4 (semver)<br>Affected: 0 , ≤ 2.4.3 (semver) | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27851",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T15:06:27.723154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T15:06:35.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"core"
],
"product": "OX Dovecot Pro",
"vendor": "Open-Xchange GmbH",
"versions": [
{
"lessThanOrEqual": "3.1.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.4.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-235",
"description": "Improper Handling of Extra Parameters",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T13:38:59.967Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"source": {
"defect": "DOV-8967",
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2026-27851",
"datePublished": "2026-05-12T13:28:43.846Z",
"dateReserved": "2026-02-24T08:46:09.372Z",
"dateUpdated": "2026-05-12T15:06:35.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-27851",
"date": "2026-06-02",
"epss": "0.00016",
"percentile": "0.03747"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-27851\",\"sourceIdentifier\":\"security@open-xchange.com\",\"published\":\"2026-05-12T14:16:56.857\",\"lastModified\":\"2026-05-18T17:29:09.793\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@open-xchange.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security@open-xchange.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-235\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.4\",\"matchCriteriaId\":\"86CE1F3
B-DF73-431A-9EC0-491E8969A187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:open-xchange:dovecot:*:*:*:*:pro:*:*:*\",\"versionEndExcluding\":\"3.1.5\",\"matchCriteriaId\":\"28C2DD58-A4B0-4F2C-BC60-F30F380251BC\"}]}]}],\"references\":[{\"url\":\"https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json\",\"source\":\"security@open-xchange.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-27851\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-12T15:06:27.723154Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-12T15:06:30.355Z\"}}], \"cna\": {\"source\": {\"defect\": \"DOV-8967\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Open-Xchange GmbH\", \"modules\": [\"core\"], \"product\": \"OX Dovecot Pro\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.1.4\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.4.3\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. 
Avoid using safe filter until on fixed version. No publicly available exploits are known.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-235\", \"description\": \"Improper Handling of Extra Parameters\"}]}], \"providerMetadata\": {\"orgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"shortName\": \"OX\", \"dateUpdated\": \"2026-05-12T13:38:59.967Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-27851\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T15:06:35.962Z\", \"dateReserved\": \"2026-02-24T08:46:09.372Z\", \"assignerOrgId\": \"8ce71d90-2354-404b-a86e-bec2cc4e6981\", \"datePublished\": \"2026-05-12T13:28:43.846Z\", \"assignerShortName\": \"OX\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-27851
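Vulnerability from fkie_nvd - Published: 2026-05-12 14:16 - Updated: 2026-05-18 17:29
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (NVD primary score; the record below also carries the CNA's secondary score from security@open-xchange.com, 7.4 High, which differs only in attack complexity: AC:H instead of AC:L)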
| Vendor | Product | Version | |
|---|---|---|---|
| dovecot | dovecot | * | |
| open-xchange | dovecot | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CE1F3B-DF73-431A-9EC0-491E8969A187",
"versionEndExcluding": "2.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:dovecot:*:*:*:*:pro:*:*:*",
"matchCriteriaId": "28C2DD58-A4B0-4F2C-BC60-F30F380251BC",
"versionEndExcluding": "3.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known."
}
],
"id": "CVE-2026-27851",
"lastModified": "2026-05-18T17:29:09.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-05-12T14:16:56.857",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
],
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-235"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
}
]
}
GHSA-XFPV-RRGM-4QQR
Vulnerability from github – Published: 2026-05-12 15:31 – Updated: 2026-05-12 15:31
When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.
{
"affected": [],
"aliases": [
"CVE-2026-27851"
],
"database_specific": {
"cwe_ids": [
"CWE-235"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T14:16:56Z",
"severity": "HIGH"
},
"details": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.",
"id": "GHSA-xfpv-rrgm-4qqr",
"modified": "2026-05-12T15:31:40Z",
"published": "2026-05-12T15:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27851"
},
{
"type": "WEB",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
OXDC-ADV-2026-0002
Vulnerability from csaf_ox - Published: 2026-05-05 00:00 - Updated: 2026-05-12 00:00
When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped.
First fixed:

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| OX Dovecot Pro 3.1.5 (Open-Xchange GmbH / OX Dovecot Pro) | `cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*` | 3.1.5 | |
| OX Dovecot CE 2.4.4 (Open-Xchange GmbH / OX Dovecot CE) | `cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*` | 2.4.4 | |
Last affected:

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| OX Dovecot Pro 3.1.4 (Open-Xchange GmbH / OX Dovecot Pro) | `cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*` | 3.1.4 | Vendor Fix |
| OX Dovecot CE 2.4.3 (Open-Xchange GmbH / OX Dovecot CE) | `cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*` | 2.4.3 | Vendor Fix |
CVE-2026-40016 (a separate vulnerability covered by the same advisory): An attacker can upload a malicious Sieve script over the ManageSieve service (or locally) to bypass the configured CPU time limit for Sieve, by up to 130 times the configured limit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 2.3.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*
|
2.3.0 |
Vendor Fix
|
CVE-2026-33603 (a separate vulnerability covered by the same advisory): An attacker can use a specially crafted base64 exchange between Dovecot and the client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.0:*:*:*:*:*:*:*
|
3.1.0 |
Vendor Fix
|
|
OX Dovecot CE 2.4.0
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.0:*:*:*:*:*:*:*
|
2.4.0 |
Vendor Fix
|
CVE-2026-40020 (a separate vulnerability covered by the same advisory): An attacker can use the IMAP SETACL command to inject the anyone permission into a user's dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users.
CWE-284 - Improper Access Control
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 2.3.0
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*
|
2.3.0 |
Vendor Fix
|
CVE-2026-42006 (a separate vulnerability covered by the same advisory): An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.1.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*
|
3.1.5 | |
|
OX Dovecot CE 2.4.4
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*
|
2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OX Dovecot Pro 3.0.5
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.0.5:*:*:*:*:*:*:*
|
3.0.5 |
Vendor Fix
|
|
OX Dovecot Pro 3.1.4
Open-Xchange GmbH / OX Dovecot Pro
|
cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*
|
3.1.4 |
Vendor Fix
|
|
OX Dovecot CE 2.4.3
Open-Xchange GmbH / OX Dovecot CE
|
cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*
|
2.4.3 |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"text": "HIGH"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Open-Xchange GmbH. All rights reserved.",
"tlp": {
"label": "GREEN",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License (https://creativecommons.org/licenses/by-nd/4.0/). If you distribute this content, you must provide attribution to Open-Xchange GmbH and provide a link to the original. You may not distribute a modified version of this content.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"name": "Open-Xchange GmbH",
"namespace": "https://open-xchange.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical CSAF document",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
},
{
"category": "self",
"summary": "Markdown representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/md/2026/oxdc-adv-2026-0002.md"
},
{
"category": "self",
"summary": "HTML representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/html/2026/oxdc-adv-2026-0002.html"
},
{
"category": "self",
"summary": "Plain-text representation",
"url": "https://documentation.open-xchange.com/dovecot/security/advisories/txt/2026/oxdc-adv-2026-0002.txt"
}
],
"title": "OX Dovecot Security Advisory OXDC-ADV-2026-0002",
"tracking": {
"current_release_date": "2026-05-12T00:00:00+00:00",
"generator": {
"date": "2026-05-12T13:38:55+00:00",
"engine": {
"name": "OX CSAF",
"version": "1.0.0"
}
},
"id": "OXDC-ADV-2026-0002",
"initial_release_date": "2026-05-05T00:00:00+00:00",
"revision_history": [
{
"date": "2026-05-05T00:00:00+00:00",
"number": "1",
"summary": "Initial release"
},
{
"date": "2026-05-12T00:00:00+00:00",
"number": "2",
"summary": "Public release"
},
{
"date": "2026-05-12T00:00:00+00:00",
"number": "3",
"summary": "Public release"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.1.4",
"product": {
"name": "OX Dovecot Pro 3.1.4",
"product_id": "OXDC-PRO_3.1.4",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.1.5",
"product": {
"name": "OX Dovecot Pro 3.1.5",
"product_id": "OXDC-PRO_3.1.5",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.3.0",
"product": {
"name": "OX Dovecot Pro 2.3.0",
"product_id": "OXDC-PRO_2.3.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.1.0",
"product": {
"name": "OX Dovecot Pro 3.1.0",
"product_id": "OXDC-PRO_3.1.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "3.0.5",
"product": {
"name": "OX Dovecot Pro 3.0.5",
"product_id": "OXDC-PRO_3.0.5",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:3.0.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "OX Dovecot Pro"
},
{
"branches": [
{
"category": "product_version",
"name": "2.4.3",
"product": {
"name": "OX Dovecot CE 2.4.3",
"product_id": "OXDC-CE_2.4.3",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.4.4",
"product": {
"name": "OX Dovecot CE 2.4.4",
"product_id": "OXDC-CE_2.4.4",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.4.0",
"product": {
"name": "OX Dovecot CE 2.4.0",
"product_id": "OXDC-CE_2.4.0",
"product_identification_helper": {
"cpe": "cpe:2.3:a:open-xchange:dovecot:2.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "OX Dovecot CE"
}
],
"category": "vendor",
"name": "Open-Xchange GmbH"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"caprinuxx@yeswehack"
]
}
],
"cve": "CVE-2026-27851",
"cwe": {
"id": "CWE-235",
"name": "Improper Handling of Extra Parameters"
},
"discovery_date": "2026-03-29T16:37:17+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-8967"
}
],
"notes": [
{
"category": "description",
"text": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Avoid using safe filter until on fixed version.",
"product_ids": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "This can enable SQL / LDAP injection attacks when used in authentication."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "lib-var-expand: Safe filter leaks to all following pipelines"
},
{
"acknowledgments": [
{
"names": [
"djvirus@yeswehack"
]
}
],
"cve": "CVE-2026-40016",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-03-24T13:00:23+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-8948"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_2.3.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access.",
"product_ids": [
"OXDC-PRO_2.3.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OXDC-PRO_2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "Sieve :contains/:matches O(N\u00d7M) Substring Match Bypasses sieve_max_cpu_time Limit (130\u00d7 Overrun)"
},
{
"acknowledgments": [
{
"names": [
"ylwango613@yeswehack"
]
}
],
"cve": "CVE-2026-33603",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"discovery_date": "2026-04-08T06:10:32+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9030"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version.",
"product_ids": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.1.0",
"OXDC-CE_2.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "login: Base64 input can contain tabs that bypass IPC protection"
},
{
"acknowledgments": [
{
"names": [
"ilhamaf@yeswehack"
]
}
],
"cve": "CVE-2026-40020",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2026-04-08T09:42:22+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9040"
}
],
"notes": [
{
"category": "description",
"text": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_2.3.0"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install to fixed version.",
"product_ids": [
"OXDC-PRO_2.3.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"OXDC-PRO_2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "The impact is limited to being able to spam folders to other users, no unexpected access is gained."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "IMAP folders can be shared-spammed to everyone"
},
{
"acknowledgments": [
{
"names": [
"D4RKCYPH3R@yeswehack"
]
}
],
"cve": "CVE-2026-42006",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-04-27T14:38:12+00:00",
"ids": [
{
"system_name": "JIRA OX Bug",
"text": "DOV-9138"
}
],
"notes": [
{
"category": "description",
"text": "An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit."
}
],
"product_status": {
"first_fixed": [
"OXDC-PRO_3.1.5",
"OXDC-CE_2.4.4"
],
"last_affected": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T00:00:00+00:00",
"details": "Install fixed version, or configure vsz_limit for imap process to low value.",
"product_ids": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"OXDC-PRO_3.0.5",
"OXDC-PRO_3.1.4",
"OXDC-CE_2.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Using excessive bracing, attacker can cause memory usage up to configured memory limit."
},
{
"category": "exploit_status",
"details": "No publicly available exploits are known."
}
],
"title": "imap-login: Excessive memory usage DoS - Try 2"
}
]
}
WID-SEC-W-2026-1510
Vulnerability from csaf_certbund - Published: 2026-05-12 22:00 - Updated: 2026-06-02 22:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Open Source Dovecot OX Pro core <3.1.5
Open Source / Dovecot
|
OX Pro core <3.1.5 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source Dovecot OX Pro core <2.4.4
Open Source / Dovecot
|
OX Pro core <2.4.4 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dovecot ist ein Open Source IMAP und POP3 E-Mail Server.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in OX Dovecot Pro ausnutzen, um SQL-Injection-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1510 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1510.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1510 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1510"
},
{
"category": "external",
"summary": "Dovecot Security Advisory OXDC-2026-0002 vom 2026-05-12",
"url": "https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/YQYBB3NJPNFFJ4SHDU7PLXLRRGHBJKSK/"
},
{
"category": "external",
"summary": "Dovecot and Pigeonhole v2.4.4 Released vom 2026-05-12",
"url": "https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/YW7GVOH3VVLNAYW2C4TEBTGJW52J7F6H/"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-h6rp-9mjf-6x88 vom 2026-05-12",
"url": "https://github.com/advisories/GHSA-h6rp-9mjf-6x88"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10766-1 vom 2026-05-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GKQUS3KTDTOKH7A7YH4AAZDWVAKVZKBY/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-96EEB03B88 vom 2026-05-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-96eeb03b88"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-693373747F vom 2026-05-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-693373747f"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6313 vom 2026-05-31",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00224.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8365-1 vom 2026-06-02",
"url": "https://ubuntu.com/security/notices/USN-8365-1"
}
],
"source_lang": "en-US",
"title": "OX Dovecot Pro: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-02T22:00:00.000+00:00",
"generator": {
"date": "2026-06-03T06:02:37.409+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1510",
"initial_release_date": "2026-05-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-05-31T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-06-02T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "OX Pro core \u003c3.1.5",
"product": {
"name": "Open Source Dovecot OX Pro core \u003c3.1.5",
"product_id": "T053959"
}
},
{
"category": "product_version",
"name": "OX Pro core 3.1.5",
"product": {
"name": "Open Source Dovecot OX Pro core 3.1.5",
"product_id": "T053959-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dovecot:dovecot:ox_pro_core__3.1.5"
}
}
},
{
"category": "product_version_range",
"name": "OX Pro core \u003c2.4.4",
"product": {
"name": "Open Source Dovecot OX Pro core \u003c2.4.4",
"product_id": "T053960"
}
},
{
"category": "product_version",
"name": "OX Pro core 2.4.4",
"product": {
"name": "Open Source Dovecot OX Pro core 2.4.4",
"product_id": "T053960-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dovecot:dovecot:ox_pro_core__2.4.4"
}
}
}
],
"category": "product_name",
"name": "Dovecot"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27851",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-27851"
},
{
"cve": "CVE-2026-40016",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-40016"
},
{
"cve": "CVE-2026-33603",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-33603"
},
{
"cve": "CVE-2026-40020",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-40020"
},
{
"cve": "CVE-2026-42006",
"product_status": {
"known_affected": [
"2951",
"T053959",
"T000126",
"T027843",
"74185",
"T053960"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-42006"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.