Platform: linux
Component: ox-dovecot-pro-managesieve
Fixed in: 2.3.1, 3.1.1, 2.4.1
CVE-2026-27858 describes a memory exhaustion vulnerability in Dovecot Pro managesieve, affecting versions 0.0 through 3.1.0. An attacker can trigger it by sending a specially crafted message before authentication, causing excessive memory allocation and a potential denial of service. Because the managesieve-login process can be crashed repeatedly, the service can be rendered unavailable. Upgrading to a fixed version is recommended.
The primary impact of CVE-2026-27858 is a denial-of-service condition. An attacker can repeatedly crash the managesieve process by sending malicious messages, rendering it unavailable to legitimate users. This can disrupt email management tasks and potentially impact business operations. While the vulnerability doesn't directly lead to data exfiltration or remote code execution, the disruption caused by the DoS can be significant. The ability to repeatedly crash the process suggests a potential for resource exhaustion and broader system instability if not addressed.
CVE-2026-27858 is currently not listed on KEV or EPSS. The vulnerability's severity is assessed as High (CVSS 7.5). No publicly available exploits are known at this time, but the ease of triggering the DoS condition suggests a potential for exploitation if a suitable exploit is developed. The vulnerability was published on 2026-03-27.
Organizations relying on Dovecot Pro managesieve for email management, particularly those with publicly accessible managesieve endpoints, are at risk. Environments with legacy configurations or those lacking robust access controls are especially vulnerable.
• linux / server (follow the Dovecot journal for managesieve-login lines that mention memory allocation failures):
journalctl -u dovecot -f | grep -i 'managesieve-login' | grep -i 'memory allocation'
• linux / server (print the largest resident set size, in KiB, among running managesieve-login processes):
ps aux | grep managesieve-login | grep -v grep | awk '{print $6}' | sort -n | tail -1
• generic: Monitor system memory usage for unusual spikes, particularly those related to the dovecot process.
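The two commands above only surface single events. The following added example (not part of this advisory page or of Dovecot) turns the same signals into a check for the repeated-crash pattern the advisory describes: it counts managesieve-login out-of-memory events per time window from journal-style log text and extracts the largest managesieve-login RSS from `ps aux` output. The log and `ps` samples are constructed for illustration and the exact Dovecot message wording is an assumption.

```python
import re
from datetime import datetime, timedelta

# journalctl-style line: ISO timestamp, host, "dovecot[pid]:", message.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\S*\s+\S+\s+dovecot\[\d+\]:\s+(?P<msg>.*)$"
)
# Assumed message shapes for a managesieve-login child dying of memory exhaustion
# (constructed approximation, not copied from a real Dovecot log).
OOM_RE = re.compile(r"managesieve-login.*(Out of memory|memory allocation)", re.I)
EPOCH = datetime(1970, 1, 1)

# Constructed sample journal output: four OOM crashes within one minute,
# one unrelated imap-login line, one isolated crash five minutes later.
SAMPLE_LOG = """\
2026-03-28T10:00:01+00:00 mail dovecot[1234]: managesieve-login: Fatal: pool_system_malloc(...): Out of memory
2026-03-28T10:00:02+00:00 mail dovecot[1234]: master: Error: service(managesieve-login): child 2202 returned error 83 (Out of memory)
2026-03-28T10:00:10+00:00 mail dovecot[1234]: imap-login: Login: user=<alice>, method=PLAIN
2026-03-28T10:00:31+00:00 mail dovecot[1234]: master: Error: service(managesieve-login): child 2205 returned error 83 (Out of memory)
2026-03-28T10:00:45+00:00 mail dovecot[1234]: master: Error: service(managesieve-login): child 2208 returned error 83 (Out of memory)
2026-03-28T10:05:12+00:00 mail dovecot[1234]: master: Error: service(managesieve-login): child 2240 returned error 83 (Out of memory)
"""

# Constructed `ps aux` output; RSS is column 6 (KiB).
SAMPLE_PS = """\
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
dovenull 2201 0.0 0.1 10240 4096 ? S 10:00 0:00 dovecot/managesieve-login
dovenull 2202 0.3 12.5 1100000 524288 ? S 10:00 0:01 dovecot/managesieve-login
dovecot 2203 0.0 0.1 9000 3000 ? S 10:00 0:00 dovecot/imap-login
root 2204 0.0 0.0 6000 800 pts/0 S+ 10:01 0:00 grep managesieve-login
"""


def find_oom_bursts(log_text, window_seconds=60, threshold=3):
    """Return [(window_start_iso, count)] for each fixed window holding at
    least `threshold` managesieve-login OOM events: a repeated-crash signal."""
    counts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not OOM_RE.search(m.group("msg")):
            continue
        secs = (datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%S") - EPOCH).total_seconds()
        bucket = EPOCH + timedelta(seconds=secs - secs % window_seconds)
        counts[bucket] = counts.get(bucket, 0) + 1
    return [(b.isoformat(), n) for b, n in sorted(counts.items()) if n >= threshold]


def max_managesieve_rss_kb(ps_aux_output):
    """Largest RSS (KiB) among managesieve-login processes, ignoring the grep itself."""
    rss = [int(l.split()[5]) for l in ps_aux_output.splitlines()
           if "managesieve-login" in l and "grep" not in l]
    return max(rss, default=0)
```

Run it against `journalctl -u dovecot -o short-iso --no-pager` output and `ps aux` output instead of the samples; a burst plus an RSS far above the other login processes is the pattern worth alerting on.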
Disclosure
Exploit status
EPSS: 0.06% (18th percentile)
CISA SSVC
CVSS vector
The recommended mitigation for CVE-2026-27858 is to upgrade to a patched version of OX Dovecot Pro. Until an upgrade is possible, restrict access to the managesieve protocol to trusted users and systems. Implement rate limiting on incoming managesieve connections to prevent an attacker from overwhelming the system with malicious requests. Consider deploying a Web Application Firewall (WAF) or proxy to filter potentially malicious messages before they reach the managesieve server. After upgrading, confirm the fix by attempting to trigger the vulnerability with a crafted message and verifying that the process remains stable.
Update OX Dovecot Pro to a version later than 3.1.0 or implement access-protection measures for the managesieve protocol. This will prevent attackers from sending malicious messages that consume large amounts of memory and bring the service down. Consult the Open-Xchange documentation for further details on the protective measures.
CVE-2026-27858 is a HIGH severity vulnerability affecting Dovecot Pro managesieve versions 0.0 - 3.1.0. A crafted message can cause excessive memory allocation, potentially crashing the managesieve-login process.
If you are using Dovecot Pro managesieve versions 0.0 through 3.1.0, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade Dovecot Pro managesieve to a version that includes the patch. If upgrading is not immediately possible, restrict access to the managesieve protocol.
Currently, no public exploits are known, but the ease of triggering the vulnerability raises concerns about potential future exploitation.
Refer to the official Dovecot security advisories on the Dovecot website for the latest information and updates regarding CVE-2026-27858.