PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-27858 Open-Xchange GmbH CVE debrief

CVE-2026-27858 is a high-severity denial-of-service vulnerability in Dovecot's ManageSieve service. An unauthenticated attacker can send a specially crafted message before authenticating; the message causes the service to allocate a large amount of memory, and the managesieve-login process crashes. Sending it repeatedly keeps ManageSieve unavailable for legitimate clients. The mitigation is to restrict network access to the ManageSieve service or to install a fixed version of Dovecot. According to the NVD, no publicly available exploit was known for this vulnerability.

Vendor: Open-Xchange GmbH
Product: OX Dovecot Pro
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-27
Original CVE updated: 2026-06-30
Advisory published: 2026-03-27
Advisory updated: 2026-06-30

Who should care

Anyone operating Dovecot with ManageSieve enabled (the `sieve` protocol, served by the managesieve-login process and normally exposed on TCP port 4190) is affected, and so are the users who rely on it to manage their Sieve filters. The CVSS 3.1 score of 7.5 reflects a condition that is reachable over the network without credentials and whose whole impact is on availability; confidentiality and integrity are not affected. Instances reachable from untrusted networks should be restricted or patched promptly.

Technical summary

The flaw sits in Dovecot's ManageSieve handling before authentication: a specially crafted message from an unauthenticated client makes the service allocate a large amount of memory, and the managesieve-login process crashes. Repeating the message keeps the service down, so this is a denial of service rather than a code-execution or data-exposure issue. The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (7.5, High) spells that out: attackable over the network with low complexity, no privileges and no user interaction, with high availability impact and no confidentiality or integrity impact. The weakness is classified as CWE-400 (Uncontrolled Resource Consumption) and CWE-770 (Allocation of Resources Without Limits or Throttling), both of which describe a server committing resources at a client's request without an upper bound.
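The weakness class is easier to see in code than in a CWE title. The following is an added illustration written for this debrief, not Dovecot or Pigeonhole code and not a reconstruction of the actual bug: a toy pre-authentication line reader in the unbounded form that CWE-770 describes, beside a bounded form that rejects the line before more memory is committed. The limit, the chunk size and the helper names are assumed values chosen for the example.

```python
# Added illustration for this debrief; not Dovecot or Pigeonhole code.
# MAX_LINE and the 4096-byte chunk size are assumptions, not Dovecot settings.
import io

MAX_LINE = 8192  # assumed cap on one pre-auth command line, in bytes


class LineTooLong(Exception):
    """Raised when a client exceeds the line limit without sending a newline."""


def read_line_unbounded(stream) -> bytes:
    """Accumulate until newline or EOF. A client that never sends a newline
    grows this buffer without limit: the allocation size is chosen by the peer
    (CWE-770), and enough such clients exhaust the process (CWE-400)."""
    buf = bytearray()
    while True:
        chunk = stream.read(4096)
        if not chunk:
            return bytes(buf)
        nl = chunk.find(b"\n")
        if nl != -1:
            buf += chunk[: nl + 1]
            return bytes(buf)
        buf += chunk


def read_line_bounded(stream, limit: int = MAX_LINE) -> bytes:
    """Same loop, but never hold more than limit+1 bytes for one line.
    Once the limit is passed the line is rejected (the caller should close
    the connection) instead of buffering whatever the unauthenticated peer
    chooses to send."""
    buf = bytearray()
    while True:
        # Read only as much as is needed to detect an overrun.
        chunk = stream.read(min(4096, limit + 1 - len(buf)))
        if not chunk:
            return bytes(buf)
        nl = chunk.find(b"\n")
        if nl != -1:
            buf += chunk[: nl + 1]
            return bytes(buf)
        buf += chunk
        if len(buf) > limit:
            raise LineTooLong(f"pre-auth line exceeded {limit} bytes")


def unbounded_size(data: bytes) -> int:
    """Bytes the unbounded reader ends up holding for constructed input."""
    return len(read_line_unbounded(io.BytesIO(data)))


def try_bounded(data: bytes, limit: int = MAX_LINE):
    """Run the bounded reader over constructed input; None means rejected."""
    try:
        return read_line_bounded(io.BytesIO(data), limit)
    except LineTooLong:
        return None


if __name__ == "__main__":
    hostile = b"A" * (1 << 20)  # constructed: 1 MiB with no newline
    legit = b'AUTHENTICATE "PLAIN"\r\n'  # a real pre-auth ManageSieve command
    print("unbounded reader held", unbounded_size(hostile), "bytes")
    print("bounded reader on hostile input:", try_bounded(hostile))
    print("bounded reader on legit input:", try_bounded(legit))
```

The bounded reader is the shape of the fix for this weakness class in general: the cap is enforced while reading, before the peer's bytes are ever held in full, so an unauthenticated client cannot choose how much the server allocates.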

Defensive priority

Patch or mitigate with high priority: the condition is reachable by any network peer without credentials, and simply repeating the message is enough to keep managesieve-login down. If the fixed release cannot be deployed immediately, restrict access to the ManageSieve service now; a fixed Dovecot build is the durable remedy.

Recommended defensive actions

  • Restrict who can reach ManageSieve: bind the `sieve` inet_listener of the `managesieve-login` service to trusted addresses, firewall TCP 4190 to known clients, or drop `sieve` from `protocols` entirely if nobody uses it
  • Install the fixed Dovecot version from Open-Xchange, or the Red Hat errata where that is the delivery channel
  • Watch the logs for repeated managesieve-login child deaths and for bursts of connections that disconnect before any authentication attempt, and alert on the source addresses involved
  • Until patched, bound the blast radius: a per-process memory limit (`vsz_limit` on the managesieve-login service) keeps one process from exhausting the host, and connection rate limits at the firewall slow an attacker's crash loop, but neither stops the crash itself
  • Review incident response plans for a denial of service against the mail edge, including how ManageSieve can be disabled quickly without affecting IMAP and LMTP
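A small detector for the two log signals above, written for this debrief rather than taken from Dovecot. It assumes syslog-style Dovecot logging; the sample lines are constructed to resemble the master's service-death messages and managesieve-login's pre-auth disconnect messages, and the thresholds, window and year are assumptions to be tuned per site.

```python
# Added example for this debrief; not Dovecot code. Sample log lines are
# constructed; the regexes, thresholds, window and year are assumptions.
import re
from collections import defaultdict
from datetime import datetime, timedelta

# master logs a line like this whenever a service child exits abnormally,
# whether by signal or by a fatal exit code (83 is Dovecot's out-of-memory exit).
CHILD_DEATH = re.compile(
    r"service\(managesieve-login\): child \d+ "
    r"(?:killed with signal (?P<sig>\d+)|returned error (?P<code>\d+))"
)
# managesieve-login logs a disconnect with "no auth attempts" when the client
# goes away before authenticating; rip= is the remote address.
PREAUTH_DISC = re.compile(
    r"managesieve-login: Disconnected.*?\(no auth attempts in \d+ secs\)"
    r".*?\brip=(?P<rip>[0-9a-fA-F.:]+)"
)
SYSLOG_TS = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) ")


def parse_ts(line: str, year: int = 2026) -> datetime:
    """Syslog timestamps carry no year; the year is an assumption here."""
    m = SYSLOG_TS.match(line)
    if not m:
        raise ValueError(f"no syslog timestamp: {line!r}")
    return datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")


def max_in_window(stamps, window: timedelta) -> int:
    """Largest number of events that fall inside any span of length window."""
    stamps = sorted(stamps)
    best = lo = 0
    for hi, t in enumerate(stamps):
        while t - stamps[lo] > window:
            lo += 1
        best = max(best, hi - lo + 1)
    return best


def analyze(lines, window=timedelta(seconds=60),
            death_threshold=3, disc_threshold=5):
    """Return (kind, key, count) alerts: a crash loop of managesieve-login
    children, and per-source floods of pre-auth disconnects."""
    deaths = []
    discs = defaultdict(list)
    for line in lines:
        if CHILD_DEATH.search(line):
            deaths.append(parse_ts(line))
        m = PREAUTH_DISC.search(line)
        if m:
            discs[m.group("rip")].append(parse_ts(line))
    alerts = []
    n = max_in_window(deaths, window)
    if n >= death_threshold:
        alerts.append(("managesieve-login-crash-loop", "*", n))
    for rip, stamps in discs.items():
        n = max_in_window(stamps, window)
        if n >= disc_threshold:
            alerts.append(("managesieve-preauth-flood", rip, n))
    return alerts


# Constructed sample: one old admin restart, one benign client, then a burst
# from 203.0.113.7 interleaved with out-of-memory exits of managesieve-login.
_OOM = ("mail dovecot: master: Error: service(managesieve-login): child {pid} "
        "returned error 83 (Out of memory (service managesieve-login "
        "{{ vsz_limit=256 MB }}, you may need to increase it))")
_DISC = ("mail dovecot: managesieve-login: Disconnected (no auth attempts in "
         "0 secs): user=<>, rip={rip}, lip=192.0.2.10, session=<{sid}>")
SAMPLE_LOG = [
    "Mar 27 09:00:00 mail dovecot: master: Error: service(managesieve-login): "
    "child 1200 killed with signal 15",
    "Mar 27 10:00:01 " + _DISC.format(rip="198.51.100.2", sid="ok01"),
    "Mar 27 10:00:05 " + _DISC.format(rip="203.0.113.7", sid="x01"),
    "Mar 27 10:00:06 " + _OOM.format(pid=4321),
    "Mar 27 10:00:07 " + _DISC.format(rip="203.0.113.7", sid="x02"),
    "Mar 27 10:00:09 " + _DISC.format(rip="203.0.113.7", sid="x03"),
    "Mar 27 10:00:10 " + _OOM.format(pid=4330),
    "Mar 27 10:00:11 " + _DISC.format(rip="203.0.113.7", sid="x04"),
    "Mar 27 10:00:13 " + _DISC.format(rip="203.0.113.7", sid="x05"),
    "Mar 27 10:00:14 " + _OOM.format(pid=4338),
    "Mar 27 10:00:15 " + _DISC.format(rip="203.0.113.7", sid="x06"),
]

if __name__ == "__main__":
    for kind, key, count in analyze(SAMPLE_LOG):
        print(f"ALERT {kind} key={key} count={count}")
```

Run over a real syslog stream, the crash-loop alert is the one that matters most: a single out-of-memory exit can be a misconfigured `vsz_limit`, but several in a minute while pre-auth disconnects spike from one address is the pattern this CVE produces. Under heavy attack the process may die before logging a disconnect at all, so do not require both signals to fire.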

Evidence notes

The CVE record and the NVD entry provide the CVSS score and vector for this vulnerability. The vendor advisory from Open-Xchange provides the mitigation and patch information. Red Hat has also published errata for affected systems.

Official resources

This article is AI-assisted and based on the supplied source corpus.