Critical severity9.8NVD Advisory· Published May 26, 2025· Updated Apr 15, 2026
CVE-2025-23394
CVE-2025-23394
Description
A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <3.8.4-2.1
- osv-coords2 versionspkg:rpm/opensuse/cyrus-imapd&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cyrus-imapd&distro=openSUSE%20Tumbleweed
< 3.8.6-bp160.1.1+ 1 more
- (no CPE)range: < 3.8.6-bp160.1.1
- (no CPE)range: < 3.8.4-2.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.