PT-2026-3663 · Pypi+3 · Imaplib+3

Published

2026-01-16

·

Updated

2026-05-22

·

CVE-2025-15366

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:S/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions imaplib (affected versions not specified)
Description The imaplib module is susceptible to command injection when processing user-supplied commands. Specifically, the module can be exploited by injecting additional commands using newline characters. A mitigation has been implemented to reject commands containing control characters.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Weakness Enumeration

CWE-77

Related Identifiers

ALSA-2026:2128
ALSA-2026:4165
ALSA-2026:4168
ALSA-2026:4216
ALSA-2026:4463
ALSA-2026:4473
ALSA-2026:4713
AZL-75029
AZL-75041
BDU:2026-05128
BIT-LIBPYTHON-2025-15366
BIT-PYTHON-2025-15366
BIT-PYTHON-MIN-2025-15366
CVE-2025-15366
ECHO-A3AD-1E4F-AC31
OPENSUSE-SU-2026:10152-1
OPENSUSE-SU-2026:10200-1
OPENSUSE-SU-2026:10206-1
OPENSUSE-SU-2026:10221-1
OPENSUSE-SU-2026:10222-1
PSF-2026-3
RHSA-2026:2128
RHSA-2026:4165
RHSA-2026:4168
RHSA-2026:4216
RHSA-2026:4463
RHSA-2026:4473
RHSA-2026:4713
RHSA-2026:4746
RHSA-2026:5152
RHSA-2026:5215
RHSA-2026:5216
RHSA-2026:5218
RHSA-2026:5219
RHSA-2026:5221
RHSA-2026:5223
RHSA-2026:5225
RHSA-2026:5226
RHSA-2026:5315
RHSA-2026:5393
RHSA-2026:5399
RHSA-2026:5979
RHSA-2026:6007
RHSA-2026:6008
RHSA-2026:6253
RHSA-2026:6464
RHSA-2026:8822
RHSA-2026:8824
RHSA-2026:9228
SUSE-SU-2026:0590-1
SUSE-SU-2026:0612-1
SUSE-SU-2026:0613-1
SUSE-SU-2026:0643-1
SUSE-SU-2026:0644-1
SUSE-SU-2026:0645-1
SUSE-SU-2026:0663-1
SUSE-SU-2026:0664-1
SUSE-SU-2026:0693-1
SUSE-SU-2026:0767-1
SUSE-SU-2026:20665-1
SUSE-SU-2026:20710-1
USN-8018-1
USN-8018-2

Affected Products

Linuxmint
Rocky Linux
Ubuntu
Imaplib