CVE-2026-46446 – SOGo PostgreSQL/MariaDB SQL Injection

CVE ID :CVE-2026-46446

Published : May 14, 2026, 4:17 a.m. | 41 minutes ago

Description :SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to c_password = ‘%@’ in changePasswordForLogin.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-8280 – Allocation of Resources Without Limits or Throttling in GitLab

CVE-2026-7471 – Server-Side Request Forgery (SSRF) in GitLab

CVE-2026-8181 – Burst Statistics 3.4.0 – 3.4.1.1 – Authentication Bypass to Admin Account Takeover

CVE-2026-8144 – Missing Authorization in GitLab