惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

www.infosecurity-magazine.com
www.infosecurity-magazine.com
D
DataBreaches.Net
T
Tailwind CSS Blog
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
F
Full Disclosure
V2EX - 技术
V2EX - 技术
N
News and Events Feed by Topic
Help Net Security
Help Net Security
L
LangChain Blog
Y
Y Combinator Blog
宝玉的分享
宝玉的分享
Google Online Security Blog
Google Online Security Blog
P
Proofpoint News Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Blog of Author Tim Ferriss
Google DeepMind News
Google DeepMind News
The Register - Security
The Register - Security
B
Blog RSS Feed
N
Netflix TechBlog - Medium
N
News | PayPal Newsroom
TaoSecurity Blog
TaoSecurity Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
V
Vulnerabilities – Threatpost
B
Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
I
Intezer
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园_首页
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
AI
AI
aimingoo的专栏
aimingoo的专栏
大猫的无限游戏
大猫的无限游戏
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cyberwarzone
Cyberwarzone
P
Proofpoint News Feed
Google DeepMind News
Google DeepMind News
G
GRAHAM CLULEY
Vercel News
Vercel News
罗磊的独立博客
MyScale Blog
MyScale Blog
Last Week in AI
Last Week in AI
博客园 - 司徒正美
C
CERT Recently Published Vulnerability Notes
GbyAI
GbyAI
Scott Helme
Scott Helme
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Troy Hunt's Blog
A
About on SuperTechFans
P
Privacy International News Feed

Full Disclosure

[NotCVE-2026-0001] Cloudflare Universal SSL CAA augmentation weakens RFC 8657 account binding — CVE-2026-14440 assigned 163 days after public no-CVE disclosure Full Disclosure: Subject: Advisory Submission: EZ Game Booster Full Disclosure: CVE-2026-56877 - Skillable SCORM userId authorisation bypass Full Disclosure: [REVIVE-SA-2026-003] Revive Adserver Vulnerabilities Full Disclosure: OPNsense XPATH Injection (CVE-2026-53582) Authentication Bypass for SafeLine SL6 and SL6+ confidentiality and anonymity leakage to third parties Full Disclosure: OpenBlow Multiple Deanonymization Vulnerabilities Site-access password exposed in web server access logs via GET query string Full Disclosure: APPLE-SA-06-29-2026-3 Safari 26.5.2 Full Disclosure: APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2 APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2 symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root [KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerability Full Disclosure: [fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vuln Full Disclosure: Samsung Galaxy Buds – Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption (Vendor Response: Working as Intended) Full Disclosure: Asterisk Security Release 23.4.1 Full Disclosure: Asterisk Security Release 22.10.1 Full Disclosure: Asterisk Security Release 21.12.3 Full Disclosure: Asterisk Security Release 20.20.1 Certified Asterisk Security Release certified-22.8-cert3 Certified Asterisk Security Release certified-20.7-cert11 Zig std.http chunked reader integer overflow -> unauthenticated remote DoS Remote Kernel Stack Disclosure via MPLS Label Stack Over-read Full Disclosure: OpenBSD sppp_pap_input: PAP authentication bypass Full Disclosure: SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies Full Disclosure: SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Full Disclosure: SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211 PHP 8.5.7 `levenshtein()` signed-integer overflow Full Disclosure: PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller) Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Local Privilege Escalation in Slate Digital Connect (macOS) Full Disclosure: SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio [KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability [KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability [KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products [SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping Full Disclosure: [REVIVE-SA-2026-002] Revive Adserver Vulnerabilities Full Disclosure: CyberDanube Security Research 20260528-0 four vulnerabilities — two unfixed, GHSA without a CVE Full Disclosure: Re: Dovecot Security Advisory OXDC-2026-0002 SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues Full Disclosure: [SECURITY ADVISORY] CVE-2021-21735 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34474 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34472 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34473 Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect Full Disclosure: APPLE-SA-05-13-2026-1 Safari 26.5 Full Disclosure: APPLE-SA-05-11-2026-11 visionOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-10 watchOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-9 tvOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7 Full Disclosure: APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7 APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8 APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16 Full Disclosure: APPLE-SA-05-11-2026-3 iPadOS 17.7.11 APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9 APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5 Impersonation attacks on Edupage portal Edupage web and mobile application authorization bypass leaks PII and IBAN codes Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro (CVE-2024-13971) Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP (CVE-2024-39847) ESP-RFID-Tool v2 PRO — Full Public Disclosure DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service) Broken Access Control in Config Endpoint in LiteLLM Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 When Trusted Tools Become Attack Primitives [KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability [KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability Full Disclosure: Trojan-Spy.Win32.Small / Remote Command Execution Full Disclosure: [IWCC 2026] CfP: 15th International Workshop on Cyber Crime GoAnywhere MFT Email HTML Injection Full Disclosure: CyberDanube Security Research 20260408-1 Full Disclosure: CyberDanube Security Research 20260408-0 Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS Broken Access Control in Open WebUI Full Disclosure: SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) 14 Third-Party Endpoints, 6 Countries, Zero User Visibility [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability Full Disclosure: APPLE-SA-03-24-2026-10 Xcode 26.4 Full Disclosure: APPLE-SA-03-24-2026-9 Safari 26.4 Full Disclosure: APPLE-SA-03-24-2026-8 visionOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-7 watchOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-6 tvOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5 Full Disclosure: APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5 Full Disclosure: APPLE-SA-03-24-2026-3 macOS Tahoe 26.4 APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7 APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4
Full Disclosure: Dovecot Security Advisory OXDC-2026-0002
2026-05-18 · via Full Disclosure
fulldisclosure logo

Full Disclosure mailing list archives


From: Aki Tuomi <aki.tuomi () dovecot fi>
Date: Tue, 12 May 2026 16:41:30 +0300 (EEST)

Hi!

We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those 
vulnerabilities. This advisory is also published at 
https://documentation.open-xchange.com/dovecot/security/advisories/html/2026/oxdc-adv-2026-0002.html

---

Classification: TLP:GREEN

Internal reference: DOV-8967
Type: CWE-235 (Improper Handling of Extra Parameters)
Component: core
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX Dovecot Pro core 3.1.4, OX Dovecot CE core 2.4.3
First fixed revision: OX Dovecot Pro core 3.1.5, OX Dovecot CE core 2.4.4
Discovery date: 2026-03-29
Solution date: 2026-05-05
Disclosure date: 2026-05-05
Researcher credits: caprinuxx@yeswehack
CVE: CVE-2026-27851
CVSS: 7.4 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

Details:
lib-var-expand: Safe filter leaks to all following pipelines. When safe filter is used with variable expansion, all 
following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped.

Risk:
This can enable SQL / LDAP injection attacks when used in authentication. No publicly available exploits are known.

Solution:
Avoid using safe filter until on fixed version.



---



Internal reference: DOV-8948
Type: CWE-400 (Uncontrolled Resource Consumption)
Component: core
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX Dovecot Pro core 2.3.0
First fixed revision: OX Dovecot Pro core 3.1.5, OX Dovecot CE core 2.4.4
Discovery date: 2026-03-24
Solution date: 2026-05-05
Disclosure date: 2026-05-05
Researcher credits: djvirus@yeswehack
CVE: CVE-2026-40016
CVSS: 5.3 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

Details:
Sieve :contains/:matches O(N×M) Substring Match Bypasses sieve_max_cpu_time Limit (130× Overrun). Attacker can upload a 
malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 
times of the configured limit.

Risk:
Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. No 
publicly available exploits are known.

Solution:
Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access.



---



Internal reference: DOV-9030
Type: CWE-99 (Improper Control of Resource Identifiers ('Resource Injection'))
Component: core
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX Dovecot Pro core 3.1.0, OX Dovecot CE core 2.4.0
First fixed revision: OX Dovecot Pro core 3.1.5, OX Dovecot CE core 2.4.4
Discovery date: 2026-04-08
Solution date: 2026-05-05
Disclosure date: 2026-05-05
Researcher credits: ylwango613@yeswehack
CVE: CVE-2026-33603
CVSS: 6.8 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

Details:
login: Base64 input can contain tabs that bypass IPC protection. Attacker can use a specially crafted base64 exchange 
between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position 
itself between Dovecot and the client connection.

Risk:
If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy. No publicly 
available exploits are known.

Solution:
Install fixed version.



---



Internal reference: DOV-9040
Type: CWE-284 (Improper Access Control)
Component: core
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX Dovecot Pro core 2.3.0
First fixed revision: OX Dovecot Pro core 3.1.5, OX Dovecot CE core 2.4.4
Discovery date: 2026-04-08
Solution date: 2026-05-05
Disclosure date: 2026-05-05
Researcher credits: ilhamaf@yeswehack
CVE: CVE-2026-40020
CVSS: 3.1 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)

Details:
IMAP folders can be shared-spammed to everyone. Attacker can use the IMAP SETACL command to inject the anyone 
permission to user's dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users.

Risk:
The impact is limited to being able to spam folders to other users, no unexpected access is gained. No publicly 
available exploits are known.

Solution:
Install to fixed version.



---



Internal reference: DOV-9138
Type: CWE-400 (Uncontrolled Resource Consumption)
Component: core
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX Dovecot Pro core 3.0.5, OX Dovecot Pro core 3.1.4, OX Dovecot CE core 2.4.3
First fixed revision: OX Dovecot Pro core 3.1.5, OX Dovecot CE core 2.4.4
Discovery date: 2026-04-27
Solution date: 2026-05-05
Disclosure date: 2026-05-05
Researcher credits: D4RKCYPH3R@yeswehack
CVE: CVE-2026-42006
CVSS: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

Details:
imap-login: Excessive memory usage DoS - Try 2. An attacker can cause uncontrolled memory usage with excessive bracing 
over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another 
way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit.

Risk:
Using excessive bracing, attacker can cause memory usage up to configured memory limit. No publicly available exploits 
are known.

Solution:
Install fixed version, or configure vsz_limit for imap process to low value.

Attachment: signature.asc
Description:

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread: