CVE-2026-47087
EUVD-2026-4501016.07.2026, 19:16
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. URLAUTH does not honor revoked authorizer access. A URLAUTH URL minted while the authorizer had access continued to work after that access was revoked.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| cyrusimap | cyrus_imap | 𝑥 < 3.12.3 | CNA |
Common Weakness Enumeration