Known Vulnerabilities for SOGo by Alinto SOGo
Listed below are 4 of the newest known vulnerabilities associated with "SOGo" by "Alinto SOGo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-46446 json | SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is rel... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-46445 json | SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection. | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-8496 json | A cross-site scripting (XSS) vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitat... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-3054 json | A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argume... | Not Provided | 2026-02-24 | 2026-02-24 |