CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/14 1:0 p.m.•4 views

EUVD-2026-30282

CVE•added 2026/05/14 1:0 p.m.•85 views

CVE-2026-6472

The CVE-2026-6472 entry concerns PostgreSQL: missing authorization in the CREATE TYPE path enables an object creator to hijack queries that rely on search_path to locate user-defined and extension-defined types. Affected versions include PostgreSQL 14.23, 15.18, 16.14, 17.10, and 18.4 prior relea...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/14 1:0 p.m.•4 views

CVE-2026-6472

AlpineLinux•added 2026/05/14 1:0 p.m.•6 views

Exploits0References2

CVE-2026-6472

Vulnrichment•added 2026/05/14 1:0 p.m.•3 views

Exploits0

CVE-2026-6472 PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Debian CVE•added 2026/05/14 1:0 p.m.•6 views

CVE-2026-6472

NVD•added 2026/05/14 4:17 a.m.•5 views

Exploits0

CVE-2026-46445

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...

7.1CVSS0.00031EPSS

OSV•added 2026/05/14 4:17 a.m.•4 views

DEBIAN-CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

NVD•added 2026/05/14 4:17 a.m.•8 views

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

7.1CVSS0.00031EPSS

OSV•added 2026/05/14 4:17 a.m.•3 views

DEBIAN-CVE-2026-46445

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...

OSV•added 2026/05/14 4:17 a.m.•4 views

UBUNTU-CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

UbuntuCve•added 2026/05/14 4:17 a.m.•4 views

Exploits0References6

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

UbuntuCve•added 2026/05/14 4:17 a.m.•2 views

Exploits0References5

CVE-2026-46445

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...

OSV•added 2026/05/14 4:17 a.m.•1 views

Exploits0References5

UBUNTU-CVE-2026-46445

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...

EUVD•added 2026/05/14 3:13 a.m.•8 views

Exploits0References6

EUVD-2026-30213

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

Cvelist•added 2026/05/14 3:13 a.m.•29 views

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

7.1CVSS0.00031EPSS

Vulnrichment•added 2026/05/14 3:13 a.m.•6 views

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

CVE•added 2026/05/14 3:13 a.m.•12 views

CVE-2026-46446

SOGo before 5.12.7, when using PostgreSQL or MariaDB, stores passwords in cleartext and is vulnerable to SQL injection via c_password = '%@' in changePasswordForLogin. The CVE notes an impact on confidentiality and integrity with a high base score (7.1) and a network attack vector requiring low p...

ATTACKERKB•added 2026/05/14 3:13 a.m.•6 views

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...