<p>Posted by ㅤevan via Fulldisclosure on Jul 02</p>this is my first time sending to a mailing list so ive chosen<br> something easy. here goes:<br> <br> Summary: Horde Groupware’s IMP Webma…
| CVE ID | CVE-2026-58451 |
| Vendor | SecLists |
| Affected Product | Multiple Targets |
| Vulnerability Type | Zero-Day Exploit |
| CVSS Score | 8.0 (HIGH) |
| Actively Exploited | ✅ Yes |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via fulldisclosure) |
<p>Posted by ㅤevan via Fulldisclosure on Jul 02</p>this is my first time sending to a mailing list so ive chosen<br> something easy. here goes:<br> <br> Summary: Horde Groupware’s IMP Webmail solution contains a path<br> traversal/local file inclusion vulnerability which could be exploited<br> to escalate privileges or bypass authentication (through CSRF if<br> unauthenticated).<br> <br> the vulnerability is in here:<br> <br> } elseif (strcasecmp($node-&gt;tagName, &apos;IMG&apos;) === 0) {<br> /* Check f
Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.