VDB

TNCVE-2026-42258

TNCVE-2026-42258 PUBLISHED

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.

Timeline

  • May 4, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›