We are using net-imap version 0.5.4, which may have a possible CVE https://nvd.nist.gov/vuln/detail/CVE-2025-43857 (under analysis)
We should bump net-imap to 0.5.8 which has fix: ruby/net-imap#444