Alinto CVEs & Vulnerabilities
3 CVEs affecting Alinto products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
sogo 4
CVE-2026-33550LOW
SOGo before 5.12.5 does not renew the OTP if a user disables/enables it, and has a too short length (only 12 digits instead of the 20 recommended).
22 Mar 2026
2.6
CVSS
CVE-2025-71276MEDIUM
SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, and contacts categories.
22 Mar 2026
6.1
CVSS
CVE-2026-3054MEDIUM
A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
24 Feb 2026
6.1
CVSS
← PrevPage 1 / 1Next →