Cyber Posture

CVE-2026-42258

Severity: Critical · Tags: RCE, Updated

Published: 09 May 2026
Modified: 18 May 2026
KEV Added: not listed
Patch: available (fixed in 0.4.24, 0.5.14 and 0.6.4)
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0016 (36.3rd percentile)
Risk Priority: 20 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-42258 is a critical-severity Command Injection (CWE-77) vulnerability in Ruby's Net::IMAP client library (the net-imap gem). Its CVSS base score is 9.8 (Critical). The NVD description characterises the flaw as CRLF injection into IMAP commands through Symbol arguments: an attacker who controls such an argument can append IMAP commands of their own to the client's session. That is injection into the mail protocol stream, not execution of native code on the host, so read the RCE tag above with that in mind.

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). EPSS ranks it at the 36.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Command and Scripting Interpreter (T1059) and one other technique, Mail Protocols (T1071.003).
Threat & Defense Details

MITRE ATT&CK Enterprise Techniques

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

T1071.003 Mail Protocols (Command and Control)
Adversaries may communicate using application layer protocols associated with electronic mail delivery to avoid detection/network filtering by blending in with existing traffic.
Why these techniques?

CRLF injection through a Symbol argument lets an attacker who controls that argument terminate the IMAP command the client is sending and append further commands, which the server then executes within the client's session (mapped here to T1059), carried over the mail protocol itself (T1071.003). One caveat on the mapping: T1059 is defined for operating-system command and script interpreters, whereas the interpreter abused here is the IMAP server's command parser and no shell is involved.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1
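To make the mechanism above concrete, here is an added, illustrative Ruby model of the bug class. It is not the net-imap gem's code and makes no claim about the gem's internals; it only shows why a client that writes Symbol arguments as bare atoms without validating them lets a CR LF inside the Symbol split one command into two on the wire, and what the atom check that prevents it looks like. The command names, tags and the smuggled value are constructed for the example.

```ruby
# Added illustrative model of the bug class behind CVE-2026-42258. This is NOT
# the net-imap gem's code; it only shows why an unvalidated Symbol argument
# turns into a second IMAP command on the wire, and what the check that stops
# it looks like.
#
# A client library serialises each command as: tag SP name SP args... CRLF.
# Strings are sent as IMAP quoted strings, which cannot carry CR or LF, so a
# string argument cannot break out of the command. Symbols are sent as bare
# atoms. If the atom is written without checking that every character is a
# legal atom-char, a CR LF inside the Symbol ends the current command and the
# server reads whatever follows as a new command in the same session.

CRLF = "\r\n"

# RFC 3501 atom-specials: "(" ")" "{" SP CTL list-wildcards ("%" "*")
# quoted-specials ("\"" "\\") and resp-specials ("]"). Anything matching this
# is not allowed inside an atom.
ATOM_SPECIALS = /[(){ \x00-\x1f\x7f%*"\\\]]/

# IMAP quoted string: escape backslash and double quote. CR and LF are not
# representable in a quoted string at all; a real client would fall back to a
# literal for them, this model refuses them instead.
def quote_string(str)
  raise ArgumentError, "CR/LF not allowed in quoted string" if str.match?(/[\r\n]/)
  '"' + str.gsub(/(["\\])/) { "\\#{$1}" } + '"'
end

# Vulnerable path: the Symbol's text is emitted as-is.
def encode_arg_vulnerable(arg)
  case arg
  when Symbol then arg.to_s
  when String then quote_string(arg)
  else raise ArgumentError, "unsupported argument type #{arg.class}"
  end
end

# Hardened path: the Symbol must be a non-empty, well-formed atom.
def encode_arg_hardened(arg)
  case arg
  when Symbol
    atom = arg.to_s
    raise ArgumentError, "invalid atom #{atom.inspect}" if atom.empty? || atom.match?(ATOM_SPECIALS)
    atom
  when String then quote_string(arg)
  else raise ArgumentError, "unsupported argument type #{arg.class}"
  end
end

# Build the bytes the client would write for one command.
def build_command(tag, name, args, encoder)
  ([tag, name] + args.map { |a| encoder.call(a) }).join(" ") + CRLF
end

# What the server sees: one command per CRLF-terminated line.
def commands_on_wire(bytes)
  bytes.split(CRLF)
end

# Constructed attacker-controlled value: a search key that also smuggles in a
# DELETE command. In a real application it would come from user input that the
# application converted to a Symbol before handing it to the client library.
SMUGGLED = :"UNSEEN\r\nA002 DELETE INBOX"

def demo_vulnerable
  commands_on_wire(build_command("A001", "SEARCH", [SMUGGLED], method(:encode_arg_vulnerable)))
end

def demo_hardened
  build_command("A001", "SEARCH", [SMUGGLED], method(:encode_arg_hardened))
  :sent
rescue ArgumentError => e
  e.message
end

if __FILE__ == $0
  p demo_vulnerable   # two commands reach the server
  p demo_hardened     # the hardened encoder refuses the Symbol
end
```

The practical lesson is the same one the fix releases apply: every argument type that is written unquoted must be validated against the grammar of the thing it is written as, and the place to do that is in the serialiser, not in each caller. Applications that build Symbols from user input (for example with `to_sym`) should also stop doing so, since the atom check only protects the wire format, not the application's own logic.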

NVD Description

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0.5.14, and 0.6.4.
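Because the fix was released separately for each minor series, a version check has to compare within the series: 0.5.0 is newer than 0.4.24 yet still vulnerable. The following Ruby helper is an added example, not code from the net-imap project or from NVD; it classifies an installed net-imap version against the three fixed versions named above and pulls the locked version out of a Gemfile.lock. The lockfile excerpt is constructed, and how it treats series the advisory does not mention (before 0.4, or after 0.6) is an assumption stated in the comments.

```ruby
# Added helper (not part of net-imap): classify a net-imap version against the
# fixed versions named in the NVD description for CVE-2026-42258.
require "rubygems"

FIXED_VERSIONS = {
  "0.4" => Gem::Version.new("0.4.24"),
  "0.5" => Gem::Version.new("0.5.14"),
  "0.6" => Gem::Version.new("0.6.4"),
}.freeze

# Returns :patched, :vulnerable or :unknown.
# Assumptions: anything before the 0.4 series is "prior to 0.4.24" and so
# vulnerable; a series newer than 0.6 is not covered by the advisory text, so
# it is reported as :unknown rather than guessed either way.
def net_imap_status(version_string)
  v = Gem::Version.new(version_string)
  return :vulnerable if v < Gem::Version.new("0.4")
  series = v.segments[0, 2].join(".")
  fixed = FIXED_VERSIONS[series]
  return :unknown unless fixed
  v >= fixed ? :patched : :vulnerable   # prerelease builds of the fix sort below it
end

# Extract the locked net-imap version from Gemfile.lock text. Spec lines in a
# lockfile look like "    net-imap (0.5.13)"; dependency constraints such as
# "net-imap (~> 0.5)" do not match because the capture requires a bare version.
def locked_net_imap_version(lockfile_text)
  m = lockfile_text.match(/^\s+net-imap \((\d+(?:\.\d+)*)\)$/)
  m && m[1]
end

# Constructed Gemfile.lock excerpt for the example.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      net-imap (0.5.13)
        date
        net-protocol
      net-protocol (0.2.2)
        timeout
LOCK

if __FILE__ == $0
  locked = locked_net_imap_version(SAMPLE_LOCK)
  puts "net-imap #{locked}: #{net_imap_status(locked)}"
end
```

For a fleet, run the same check over each application's Gemfile.lock rather than over `gem list`: the lockfile is what gets deployed, and net-imap is a default gem shipped with Ruby, so an application can be pinned to a vulnerable release even on a host whose system gem is newer.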


Details

CWE(s)
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected Products
ruby-lang Net::IMAP (net-imap gem), versions prior to 0.4.24, 0.5.14 and 0.6.4