CVE-2026-47086
CYRUS IMAPD has a vulnerability CVE-2026-47086 affecting Cyrus IMAP up to version 3.12.2. The GENURLAUTH feature allows issuance of URLAUTH tokens by any authenticated user for named mailboxes, bypassing ACLs and enabling reading mail from those mailboxes without granted permissions. The issue is...