Unrated severityOSV Advisory· Published Jul 14, 2026
Debian sogo: A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users t…
CVE-2026-39178
Description
A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint.
Affected products
3Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.