EUVD-2026-7411

🗓️ 24 Feb 2026 02:02:06Reported by EUVDType

Alinto SOGo 5.12.3/5.12.4 XSS via argument hint; remote public exploit; vendor unresponsive.

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2026-3054	24 Feb 202602:02	–	attackerkb
Circl	CVE-2026-3054	24 Feb 202605:27	–	circl
CNNVD	Alinto SOGo 代码注入漏洞	24 Feb 202600:00	–	cnnvd
CVE	CVE-2026-3054	24 Feb 202602:02	–	cve
Cvelist	CVE-2026-3054 Alinto SOGo cross site scripting	24 Feb 202602:02	–	cvelist
Debian CVE	CVE-2026-3054	24 Feb 202602:02	–	debiancve
NVD	CVE-2026-3054	24 Feb 202603:16	–	nvd
OSV	DEBIAN-CVE-2026-3054	24 Feb 202603:16	–	osv
OSV	UBUNTU-CVE-2026-3054	24 Feb 202603:16	–	osv
Positive Technologies	PT-2026-21653	24 Feb 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "81018e97-b5b4-3e95-9393-70966a295e49",
        "vendor": {
          "name": "Alinto"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "05cfb17c-eaa7-3fc1-92c8-beca70e28784",
        "product": {
          "name": "SOGo"
        },
        "product_version": "5.12.3"
      },
      {
        "id": "5ef7c429-0459-3487-9ad7-db0e869e445d",
        "product": {
          "name": "SOGo"
        },
        "product_version": "5.12.4"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

24 Feb 2026 02:02Current

3.5Low risk

Vulners AI Score3.5

CVSS 45.3

CVSS 3.14.3

CVSS 25

CVSS 34.3

EPSS0.00011

SSVC