Sign In

CVE-2026-4873

ADVISORY - nist

Summary

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent request to that same host bypasses the TLS requirement and instead transmit data unencrypted.

EPSS Score: 0.00018 (0.049)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-295

Improper Certificate Validation

CWE-319

Cleartext Transmission of Sensitive Information

ADVISORY - redhat

CWE-319

Cleartext Transmission of Sensitive Information

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-4873
EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-295CWE-319

CVSS SCORE

5.9medium

Alpine

CREATED

UPDATED

ADVISORY IDCVE-2026-4873
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

UPDATED

ADVISORY IDCVE-2026-4873
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2026-4873
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2026-4873
EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-319

CVSS SCORE

5.3medium

Photon

CREATED

UPDATED

ADVISORY ID

CVE-2026-4873

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

minimos

CREATED

UPDATED

ADVISORY ID

MINI-4fvj-7j6r-cfpg

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

UPDATED

ADVISORY ID

MINI-749q-8cfx-fw4g

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY