CVE-2026-6351 | THREATINT

Description

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

PUBLISHED Reserved 2026-04-15 | Published 2026-04-16 | Updated 2026-04-16 | Assigner twcert

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-93 Improper neutralization of CRLF sequences ('CRLF injection')

Product status

Default status

unaffected

6.0 (custom) before 6.1.10.054

affected

5.0 (custom) before 5.2.10.099

affected

Default status

unaffected

6.0 (custom) before 6.1.10.054

affected

5.0 (custom) before 5.2.10.099

affected

References

www.twcert.org.tw/tw/cp-132-10844-1405d-1.html third-party-advisory

www.twcert.org.tw/en/cp-139-10843-9ff91-2.html third-party-advisory

cve.org (CVE-2026-6351)

nvd.nist.gov (CVE-2026-6351)

Download JSON

help @ threatint.eu