Vulnerability in Ruby Net-imap
CVE-2026-47241
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent v…
Affected products
- Ruby Net-imap — versions >= 0.6.0, < 0.6.4.1, < 0.5.15
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)