CVE-2026-27859_CVE-2026-27859

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Description

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed version where the processing is limited. No publicly available exploits are known.

Basic Information

ID CVE-2026-27859

Source OX

Published Mar 27, 2026 at 08:10

Modified Mar 27, 2026 at 12:35

Affected Product

Vendor Open-Xchange GmbH

Product OX Dovecot Pro

Affected Versions Open-Xchange GmbH OX Dovecot Pro 0
Open-Xchange GmbH OX Dovecot Pro 0
Open-Xchange GmbH OX Dovecot Pro 0

References

documentation.open-xchange.com /dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json

{
    "lastseen": "",
    "description": "A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed version where the processing is limited. No publicly available exploits are known.",
    "published": "2026-03-27T08:10:22.058Z",
    "modified": "2026-03-27T12:35:14.776Z",
    "type": "cve",
    "title": "CVE-2026-27859",
    "source": "OX",
    "references": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json",
    "id": "CVE-2026-27859",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Open-Xchange GmbH OX Dovecot Pro 0\nOpen-Xchange GmbH OX Dovecot Pro 0\nOpen-Xchange GmbH OX Dovecot Pro 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OX Dovecot Pro",
    "version": "0",
    "vendor": "Open-Xchange GmbH",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply