Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/05/13 3:37 a.m.11 views

SUSE CVE-2026-40020

Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29471

Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed...

3.1CVSS5.8AI score0.00271EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 2:17 p.m.20 views

CVE-2026-40020

Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed...

4.3CVSS0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 1:28 p.m.8 views

CVE-2026-40020

Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed...

3.1CVSS5.8AI score0.00271EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/12 1:28 p.m.7 views

CVE-2026-40020

Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed...

4.3CVSS5.8AI score0.00271EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40028

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description An attacker can use the IMAP SETACL command to inject the anyone permission into a user's dovecot-acl file, bypassing the imap acl allow anyone=no configuration. This allows folders to be spammed...

6.5CVSS5.8AI score0.00338EPSS
Exploits0References30
Rows per page
Query Builder