HIGH SeverityCVSS 3.17.1CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

CVE-2026-46445

Last updated May 14, 2026 · Published May 14, 2026

← Back to list

Description

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.

Affected products

1 listed

Alinto:SOGo

Mappings

CWE

CWE-89

CAPEC

None listed.

Related

Research

SQL InjectionCovers how unsafe query construction enables data theft and database compromise. Provides parameterization and…

Guides

SQL Injection Prevention with PrismaSafe patterns for raw queries and dynamic filters.

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms

Need help?Get in touch.