Vulnerability-Lookup

WID-SEC-W-2026-0891

Vulnerability from csaf_certbund - Published: 2026-03-26 23:00 - Updated: 2026-06-07 22:00

Summary

Dovecot: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Dovecot ist ein Open Source IMAP und POP3 E-Mail Server.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Dovecot ausnutzen, um SQL-Injection-Angriffe durchzuführen, die Authentifizierung zu umgehen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand herbeizuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2025-30189

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-59028

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-59032

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-24031

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27856

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27858

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27859

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27860

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-0394

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27855

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-59031

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2026-27857

Affected products

Known affected 11 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Dovecot <2.4.0 Open Source / Dovecot		<2.4.0
Open Source Dovecot <2.4.3 Open Source / Dovecot		<2.4.3
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

References

35 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://dovecot.org/mailman3/archives/list/doveco…	external
https://lists.opensuse.org/archives/list/security…	external
https://ubuntu.com/security/notices/USN-8136-1	external
https://lists.debian.org/debian-security-announce…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-8136-2	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2-2026-3252.html	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://access.redhat.com/errata/RHSA-2026:13498	external
https://access.redhat.com/errata/RHSA-2026:13830	external
https://linux.oracle.com/errata/ELSA-2026-13498.html	external
https://access.redhat.com/errata/RHSA-2026:13857	external
http://linux.oracle.com/errata/ELSA-2026-13857.html	external
https://errata.build.resf.org/RLSA-2026:13830	external
http://linux.oracle.com/errata/ELSA-2026-13830.html	external
https://errata.build.resf.org/RLSA-2026:13498	external
https://errata.build.resf.org/RLSA-2026:13857	external
https://access.redhat.com/errata/RHSA-2026:17626	external
https://access.redhat.com/errata/RHSA-2026:17628	external
https://access.redhat.com/errata/RHSA-2026:17630	external
https://access.redhat.com/errata/RHSA-2026:17602	external
https://access.redhat.com/errata/RHSA-2026:17625	external
https://access.redhat.com/errata/RHSA-2026:18053	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2026:19455	external
https://access.redhat.com/errata/RHSA-2026:19364	external
https://access.redhat.com/errata/RHSA-2026:19149	external
https://access.redhat.com/errata/RHSA-2026:19453	external
https://lists.debian.org/debian-lts-announce/2026…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dovecot ist ein Open Source IMAP und POP3 E-Mail Server.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dovecot ausnutzen, um SQL-Injection-Angriffe durchzuf\u00fchren, die Authentifizierung zu umgehen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0891 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0891.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0891 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0891"
      },
      {
        "category": "external",
        "summary": "Dovecot Security Advisory vom 2026-03-26",
        "url": "https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/thread/I4KFFV4IKP6M5MS67SWYHKDSDMSNILQG/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10442-1 vom 2026-03-30",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OBSVSMBRLSXDJ3TFA22MX7UVQIY2WIIN/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8136-1 vom 2026-03-31",
        "url": "https://ubuntu.com/security/notices/USN-8136-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6197 vom 2026-04-07",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00106.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6197 vom 2026-04-06",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00110.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20554-1 vom 2026-04-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VMHMIYO6TS5ZV5BWW5FJU4VM35MQ7MJN/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21208-1 vom 2026-04-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025494.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8136-2 vom 2026-04-28",
        "url": "https://ubuntu.com/security/notices/USN-8136-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1641-1 vom 2026-04-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025755.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2026-3252 vom 2026-04-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3252.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4556 vom 2026-05-01",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00000.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13498 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13498"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13830 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13830"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13498 vom 2026-05-06",
        "url": "https://linux.oracle.com/errata/ELSA-2026-13498.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13857 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13857"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13857 vom 2026-05-07",
        "url": "http://linux.oracle.com/errata/ELSA-2026-13857.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13830 vom 2026-05-07",
        "url": "https://errata.build.resf.org/RLSA-2026:13830"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13830 vom 2026-05-07",
        "url": "http://linux.oracle.com/errata/ELSA-2026-13830.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13498 vom 2026-05-06",
        "url": "https://errata.build.resf.org/RLSA-2026:13498"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13857 vom 2026-05-07",
        "url": "https://errata.build.resf.org/RLSA-2026:13857"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17626 vom 2026-05-14",
        "url": "https://access.redhat.com/errata/RHSA-2026:17626"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17628 vom 2026-05-15",
        "url": "https://access.redhat.com/errata/RHSA-2026:17628"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17630 vom 2026-05-14",
        "url": "https://access.redhat.com/errata/RHSA-2026:17630"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17602 vom 2026-05-14",
        "url": "https://access.redhat.com/errata/RHSA-2026:17602"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17625 vom 2026-05-14",
        "url": "https://access.redhat.com/errata/RHSA-2026:17625"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:18053 vom 2026-05-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:18053"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-693373747F vom 2026-05-18",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-693373747f"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-96EEB03B88 vom 2026-05-18",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-96eeb03b88"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19455 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19455"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19364 vom 2026-05-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:19364"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19149 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19149"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19453 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19453"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4617 vom 2026-06-05",
        "url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00006.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Dovecot: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-07T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-08T09:27:59.548+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0891",
      "initial_release_date": "2026-03-26T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-26T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-29T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-16573, EUVD-2025-209092, EUVD-2026-16559, EUVD-2026-16561, EUVD-2026-16563, EUVD-2026-16565, EUVD-2026-16571, EUVD-2026-16567"
        },
        {
          "date": "2026-03-30T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2026-03-31T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2026-04-06T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-04-21T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von openSUSE und SUSE aufgenommen"
        },
        {
          "date": "2026-04-28T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2026-04-29T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-05-03T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-05-04T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-05T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-07T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-18T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat und Fedora aufgenommen"
        },
        {
          "date": "2026-05-19T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-06-07T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "17"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.4.0",
                "product": {
                  "name": "Open Source Dovecot \u003c2.4.0",
                  "product_id": "T052218"
                }
              },
              {
                "category": "product_version",
                "name": "2.4.0",
                "product": {
                  "name": "Open Source Dovecot 2.4.0",
                  "product_id": "T052218-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dovecot:dovecot:2.4.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2.4.3",
                "product": {
                  "name": "Open Source Dovecot \u003c2.4.3",
                  "product_id": "T052219"
                }
              },
              {
                "category": "product_version",
                "name": "2.4.3",
                "product": {
                  "name": "Open Source Dovecot 2.4.3",
                  "product_id": "T052219-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dovecot:dovecot:2.4.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Dovecot"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-30189",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2025-30189"
    },
    {
      "cve": "CVE-2025-59028",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2025-59028"
    },
    {
      "cve": "CVE-2025-59032",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2025-59032"
    },
    {
      "cve": "CVE-2026-24031",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-24031"
    },
    {
      "cve": "CVE-2026-27856",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27856"
    },
    {
      "cve": "CVE-2026-27858",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27858"
    },
    {
      "cve": "CVE-2026-27859",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27859"
    },
    {
      "cve": "CVE-2026-27860",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27860"
    },
    {
      "cve": "CVE-2026-0394",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-0394"
    },
    {
      "cve": "CVE-2026-27855",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27855"
    },
    {
      "cve": "CVE-2025-59031",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2025-59031"
    },
    {
      "cve": "CVE-2026-27857",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T052218",
          "T052219",
          "T027843",
          "398363",
          "T004914",
          "T032255",
          "74185"
        ]
      },
      "release_date": "2026-03-26T23:00:00.000+00:00",
      "title": "CVE-2026-27857"
    }
  ]
}

CVE-2025-30189 (GCVE-0-2025-30189)

Vulnerability from cvelistv5 – Published: 2025-10-31 09:02 – Updated: 2026-03-27 12:33

Summary

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-1250 - Improper Preservation of Consistency Between Independent Representations of Shared State

Assigner

References

3 references

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory
http://seclists.org/fulldisclosure/2025/Oct/29
http://www.openwall.com/lists/oss-security/2025/10/29/4

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 3.1.0 (semver) Affected: 0 , ≤ 2.4.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:09:57.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2025/Oct/29"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/29/4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-30189",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-31T18:29:20.964859Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-31T18:37:37.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1250",
              "description": "Improper Preservation of Consistency Between Independent Representations of Shared State",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:18.387Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-7830",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2025-30189",
    "datePublished": "2025-10-31T09:02:33.273Z",
    "dateReserved": "2025-03-18T08:39:46.884Z",
    "dateUpdated": "2026-03-27T12:33:18.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59028 (GCVE-0-2025-59028)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:43

Summary

When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes (heavy perfomance penalty on large deployments). No publicly available exploits are known.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Improper Input Validation

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 3.1.0 (semver) Affected: 0 , ≤ 2.4.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59028",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:42:58.044355Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:43:08.685Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes (heavy perfomance penalty on large deployments). No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:19.644Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8349",
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2025-59028",
    "datePublished": "2026-03-27T08:10:15.246Z",
    "dateReserved": "2025-09-08T14:22:28.105Z",
    "dateUpdated": "2026-03-27T19:43:08.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59031 (GCVE-0-2025-59031)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:42

Summary

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided script, instead, use something else like FTS tika. No publicly available exploits are known.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59031",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:42:31.241566Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:42:40.634Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided script, instead, use something else like FTS tika. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:21.043Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8584",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2025-59031",
    "datePublished": "2026-03-27T08:10:15.956Z",
    "dateReserved": "2025-09-08T14:22:28.105Z",
    "dateUpdated": "2026-03-27T19:42:40.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59032 (GCVE-0-2025-59032)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:42

Summary

ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed version. No publicly available exploits are known.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Improper Input Validation

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 3.1.0 (semver) Affected: 0 , ≤ 2.4.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59032",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:41:50.066744Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:42:05.292Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it\u0027s not needed. Alternatively upgrade to a fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:22.354Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8508",
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2025-59032",
    "datePublished": "2026-03-27T08:10:16.612Z",
    "dateReserved": "2025-09-08T14:22:28.105Z",
    "dateUpdated": "2026-03-27T19:42:05.292Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0394 (GCVE-0-2026-0394)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:41

Summary

When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd (or some other path which ends with passwd). If this file contains passwords, it can be used to authenticate wrongly, or if this is userdb, it can unexpectly make system users appear valid users. Upgrade to fixed version, or use different authentication scheme that does not rely on paths. Alternatively you can also ensure that the per-domain passwd files are in some other location, such as /etc/dovecot/auth/%d. No publicly available exploits are known.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0394",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:41:07.297115Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:41:17.447Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the domain component is directory partial. This allows inadvertently reading /etc/passwd (or some other path which ends with passwd). If this file contains passwords, it can be used to authenticate wrongly, or if this is userdb, it can unexpectly make system users appear valid users.  Upgrade to fixed version, or use different authentication scheme that does not rely on paths. Alternatively you can also ensure that the per-domain passwd files are in some other location, such as /etc/dovecot/auth/%d. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:23.863Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8591",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-0394",
    "datePublished": "2026-03-27T08:10:17.375Z",
    "dateReserved": "2025-11-28T09:18:02.607Z",
    "dateUpdated": "2026-03-27T19:41:17.447Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24031 (GCVE-0-2026-24031)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:40

Summary

Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_username_chars. If this is not possible, install latest fixed version. No publicly available exploits are known.

Severity

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 3.1.0 (semver) Affected: 0 , ≤ 2.4.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24031",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:40:25.458839Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:40:35.437Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_username_chars. If this is not possible, install latest fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:25.301Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8781",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-24031",
    "datePublished": "2026-03-27T08:10:18.100Z",
    "dateReserved": "2026-01-20T14:56:25.872Z",
    "dateUpdated": "2026-03-27T19:40:35.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27855 (GCVE-0-2026-27855)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 19:39

Summary

Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP reply is valid. An attacker able to observe an OTP exchange is able to log in as the user. If authentication happens over unsecure connection, switch to SCRAM protocol. Alternatively ensure the communcations are secured, and if possible switch to OAUTH2 or SCRAM. No publicly available exploits are known.

Severity

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-294 - Authentication Bypass by Capture-replay

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27855",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T19:39:33.275509Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T19:39:50.286Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP reply is valid. An attacker able to observe an OTP exchange is able to log in as the user. If authentication happens over unsecure connection, switch to SCRAM protocol. Alternatively ensure the communcations are secured, and if possible switch to OAUTH2 or SCRAM. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-294",
              "description": "Authentication Bypass by Capture-replay",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:26.733Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8859",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-27855",
    "datePublished": "2026-03-27T08:10:18.821Z",
    "dateReserved": "2026-02-24T08:46:09.373Z",
    "dateUpdated": "2026-03-27T19:39:50.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27856 (GCVE-0-2026-27856)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 13:45

Summary

Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm http service port, install fixed version. No publicly available exploits are known.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-287 - Improper Authentication

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27856",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T13:21:44.110751Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T13:45:12.231Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm http service port, install fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:28.219Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8830",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-27856",
    "datePublished": "2026-03-27T08:10:19.537Z",
    "dateReserved": "2026-02-24T08:46:09.373Z",
    "dateUpdated": "2026-03-27T13:45:12.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27857 (GCVE-0-2026-27857)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 12:39

Summary

Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Install fixed version, there is no other remediation. No publicly available exploits are known.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27857",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T12:39:00.311649Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T12:39:48.150Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sending \"NOOP (((...)))\" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Install fixed version, there is no other remediation. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:29.627Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8816",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-27857",
    "datePublished": "2026-03-27T08:10:20.761Z",
    "dateReserved": "2026-02-24T08:46:09.373Z",
    "dateUpdated": "2026-03-27T12:39:48.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27858 (GCVE-0-2026-27858)

Vulnerability from cvelistv5 – Published: 2026-03-27 08:10 – Updated: 2026-03-27 12:37

Summary

Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No publicly available exploits are known.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

References

1 reference

URL	Tags
https://documentation.open-xchange.com/dovecot/se…	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
Open-Xchange GmbH	OX Dovecot Pro	Affected: 0 , ≤ 2.3.0 (semver) Affected: 0 , ≤ 3.1.0 (semver) Affected: 0 , ≤ 2.4.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-27T12:36:26.526829Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-27T12:37:09.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory.\r\n Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T12:33:31.126Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json"
        }
      ],
      "source": {
        "defect": "DOV-8818",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-27858",
    "datePublished": "2026-03-27T08:10:21.424Z",
    "dateReserved": "2026-02-24T08:46:09.374Z",
    "dateUpdated": "2026-03-27T12:37:09.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-0891

CVE-2025-30189 (GCVE-0-2025-30189)

CVE-2025-59028 (GCVE-0-2025-59028)

CVE-2025-59031 (GCVE-0-2025-59031)

CVE-2025-59032 (GCVE-0-2025-59032)

CVE-2026-0394 (GCVE-0-2026-0394)

CVE-2026-24031 (GCVE-0-2026-24031)

CVE-2026-27855 (GCVE-0-2026-27855)

CVE-2026-27856 (GCVE-0-2026-27856)

CVE-2026-27857 (GCVE-0-2026-27857)

CVE-2026-27858 (GCVE-0-2026-27858)

Tags

Sightings

Nomenclature