MailGates/MailAudit allows unauthorized access to system files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.7

MailGates/MailAudit allows unauthorized access to system files

CVE-2026-6351

Summary

A flaw in MailGates/MailAudit allows attackers to view sensitive system files without a password. This could lead to the exposure of confidential information. Update MailGates/MailAudit to the latest version to fix this vulnerability.

Original title

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

Original description

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

nvd CVSS3.1 7.5

nvd CVSS4.0 8.7

Vulnerability type

CWE-93

https://www.twcert.org.tw/en/cp-139-10843-9ff91-2.html
https://www.twcert.org.tw/tw/cp-132-10844-1405d-1.html

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026