Linux Distros Unpatched Vulnerability : CVE-2026-27860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions...

ALPINE-CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

CVE-2026-27860

If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...

CVE-2026-24031

Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...

CVE-2026-24031

CVE-2026-24031 describes a vulnerability in Dovecot where SQL-based authentication can be bypassed if an admin clears the auth_username_chars setting. This allows bypassing authentication for any user and enables user enumeration. The root cause is tied to the handling of auth_username_chars; whe...

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is an email storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability that can lead to authentication bypass and user enumeration when the authusernamechars field is cleared...