CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/15 12:0 a.m.•4 views

Debian dla-4556 : dovecot-auth-lua - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4556-1 [email protected]...

7.5CVSS5.5AI score0.00456EPSS

Exploits6References18

Ubuntu•added 2026/06/02 12:42 p.m.•11 views

USN-8365-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly treated some variable expansion pipelines as safe in authentication filters. An attacker could possibly use this issue to perform SQL or LDAP injection attacks. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-27851 It was discovered...

9.1CVSS5.9AI score0.00338EPSS

Exploits0

RedhatCVE•added 2026/05/25 7:33 a.m.•10 views

CVE-2026-40016

A flaw was found in Dovecot. A remote or local attacker could upload a malicious Sieve script through the ManageSieve service, or locally, to bypass configured CPU time limits for Sieve scripts. This allows the attacker to consume excessive server resources, leading to a degradation of server...

6.5CVSS5.8AI score0.00338EPSS

Packet Storm News•added 2026/05/21 12:0 a.m.•7 views

Parser-Free Querying of Security Logs

Security analysts routinely query system logs to detect threats and investigate incidents, but each log source uses its own semi-structured format: logs are cheap to produce, but expensive to use. The standard approach, building per-source parsers to normalize logs into structured schemas, is...

5.9AI score

Exploits0

RedHat Linux•added 2026/05/20 2:1 a.m.•13 views

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

7.5CVSS5.8AI score0.00406EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-40016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configure...

6.5CVSS5.8AI score0.00338EPSS

RedHat Linux•added 2026/05/14 3:35 p.m.•6 views

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

7.5CVSS5.8AI score0.00406EPSS

RedHat Linux•added 2026/05/14 2:6 p.m.•9 views

dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command

7.5CVSS5.8AI score0.00406EPSS

SUSE CVE•added 2026/05/13 3:37 a.m.•7 views

SUSE CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

EUVD•added 2026/05/12 3:31 p.m.•32 views

EUVD-2026-29470

5.3CVSS5.7AI score0.00338EPSS

Exploits0References2

NVD•added 2026/05/12 2:17 p.m.•7 views

CVE-2026-40016

6.5CVSS0.00338EPSS

Exploits0References1

UbuntuCve•added 2026/05/12 2:17 p.m.•13 views

CVE-2026-40016

OSV•added 2026/05/12 2:17 p.m.•4 views

Exploits0References2

UBUNTU-CVE-2026-40016

Debian CVE•added 2026/05/12 1:28 p.m.•8 views

CVE-2026-40016

ATTACKERKB•added 2026/05/12 1:28 p.m.•5 views

Exploits0

CVE-2026-40016

5.3CVSS5.7AI score0.00338EPSS

Exploits0References2

CVE•added 2026/05/12 1:28 p.m.•15 views

CVE-2026-40016

CVE-2026-40016: An attacker can upload a malicious Sieve script via ManageSieve (or local access) to bypass CPU time limits, potentially increasing allowed run time up to 130× the configured limit and degrading server performance. Affected component is the Sieve execution/ManageSieve handling; ro...