Pending AI Enrichment

This vulnerability was recently detected via the live feed and has not yet been processed by Precogs AI's context enrichment engine. The data below represents raw telemetric data.

RAW NVD TELEMETRY

CVE-2026-27856

CVSS Base Score

7.4 HIGH

Primary Weakness

CWE-287

Published Date

Mar 27, 2026

Data Source

NVD API

Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm http service port, install fixed version. No publicly available exploits are known.

Related Vulnerabilitiesvia CWE-287

View all CWE-287 vulnerabilities →

Explore Precogs Intelligence

●The Vulnerability Hub ●AI-Generated Code Exploits ●Enterprise Security Guides ●OWASP Top 10 Taxonomy