CVE-2026-47087
A flaw was found in Cyrus IMAP. The URLAUTH mechanism in Cyrus IMAP through version 3.12.2 does not properly revoke access for an authorizer. This allows a previously authorized user to retain access via a URLAUTH URL, even after their authorization has been revoked, potentially leading to...