Known Vulnerabilities for SOGo by Alinto
Listed below are 8 of the newest known vulnerabilities associated with "SOGo" by "Alinto".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-46446 json | SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is rel... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-46445 json | SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection. | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-8496 json | A cross-site scripting (XSS) vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitat... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-3054 json | A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argume... | Not Provided | 2026-02-24 | 2026-02-24 |
| CVE-2022-4558 json | A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of ... | 6.1 - MEDIUM | 2022-12-16 | 2023-11-07 |
| CVE-2022-4556 json | A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _m... | 6.1 - MEDIUM | 2022-12-16 | 2023-11-07 |
| CVE-2016-6191 json | Not Provided | 2017-02-17 | 2025-04-20 | |
| CVE-2016-6189 json | Not Provided | 2017-02-17 | 2025-04-20 | |
| CVE-2016-6188 json | Not Provided | 2017-02-03 | 2025-04-20 | |
| CVE-2015-5395 json | Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0. | 8.8 - HIGH | 2017-09-20 | 2022-12-20 |