CVE-2026-6350

CRITICAL

Openfind|MailGates/MailAudit - Stack-based Buffer Overflow

Title source: cna
STIX 2.1

Description

MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

References (2)

Core 2
Core References
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/tw/cp-132-10844-1405d-1.html
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/en/cp-139-10843-9ff91-2.html

Scores

CVSS v3 9.8
EPSS 0.0076
EPSS Percentile 50.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-121
Status published
Products (4)
Openfind/MailAudit 5.0 - 5.2.10.099
Openfind/MailAudit 6.0 - 6.1.10.054
Openfind/MailGates 5.0 - 5.2.10.099
Openfind/MailGates 6.0 - 6.1.10.054
Published Apr 16, 2026
Tracked Since Apr 16, 2026