CVE-2026-47083
Received Received - Intake

ESEARCH Cross-User Content Oracle in Cyrus IMAP

Vulnerability report for CVE-2026-47083, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: MITRE

Description

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an ESEARCH cross-user content oracle. By using the ESEARCH command, an authenticated IMAP user could enumerate folder names under any account they could name. Search would return UIDs of messages matching the search, creating a content oracle (without allowing arbitrary reads of the target's content).

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-16
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
cyrus_imapd cyrus_imapd 3.12.2

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in cyrus-imapd through 3.12.2 allows an authenticated IMAP user to exploit the ESEARCH command to enumerate folder names under any account they can name. The search returns UIDs of matching messages, creating a content oracle that reveals information without direct access to the target's content.

Impact Analysis

An attacker could use this to discover folder names in other users' accounts, potentially exposing sensitive information about the structure or existence of folders. This could aid further attacks like targeted phishing or privilege escalation.

Compliance Impact

This vulnerability may violate data protection regulations like GDPR or HIPAA by enabling unauthorized access to information about user data structures, potentially compromising confidentiality and integrity requirements.

Mitigation Strategies

Upgrade cyrus-imapd to version 3.12.3 or later to address the ESEARCH cross-user content oracle vulnerability. Ensure only authorized users have IMAP access and monitor for unusual search activity.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47083. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart