CVE-2026-47082 | cyrusimap Cyrus IMAP up to 3.12.2 Vacation permission (WID-SEC-2026-2387)
A vulnerability was found in cyrusimap Cyrus IMAP up to 3.12.2. It has been declared as critical. The affected element is an unknown function of the component Vacation. Such manipulation leads to permission issues.
This vulnerability is documented as CVE-2026-47082. The attack can be executed remotely. There is not any exploit available.