CVE-2026-6351

Summary

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

Affected Software

VendorProductVersion RangeStatus
OpenfindMailGates6.0 < 6.1.10.054affected
OpenfindMailGates5.0 < 5.2.10.099affected
OpenfindMailAudit6.0 < 6.1.10.054affected
OpenfindMailAudit5.0 < 5.2.10.099affected

Weaknesses

  • CWE-93: CWE-93 Improper neutralization of CRLF sequences ('CRLF injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References