CVE-2026-46445

7.1HIGH

Key Information:

Vendor: Alinto
Status: Sogo
Vendor: CVE Published:; 14 May 2026

🔔 Create Alinto Vulnerability Alert

What is CVE-2026-46445?

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.

Affected Version(s)

SOGo 0 < 5.12.7

References

https://www.sogo.nu/news/2026/sogo-v5127-released.html

https://github.com/Alinto/sogo/pull/379/changes/1f7e5d2b2...

https://www.mail-archive.com/debian-bugs-dist%40lists.deb...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
May 14, 2026

CVE-2026-46445 Data

.