High severity7.1NVD Advisory· Published May 14, 2026· Updated May 14, 2026
CVE-2026-46446
CVE-2026-46446
Description
SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to c_password = '%@' in changePasswordForLogin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.