CVE-2026-47084 in Cyrus IMAP
Resumen
por MITRE • 2026-07-16
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. The LOCALDELETE command bypassed ACL checks. An authenticated but non-admin user could invoke the admin-only LOCALDELETE IMAP command and delete mailboxes for which they had no permissions.
If you want to get best quality of vulnerability data, you may have to visit VulDB.