CVE-2026-47087
LOW
NVD
CVSS Score
3.5
Severity
LOW
Published
Jul 16, 2026
Vendor
unknown
Description
An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. URLAUTH does not honor revoked authorizer access. A URLAUTH URL minted while the authorizer had access continued to work after that access was revoked.