CVE-2026-6350
Published 2026-04-16
CVE-2026-6350: MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's…
Priority P270 · critical · 9.8 · CVSS 3.1
AV:N · AC:L · PR:N · UI:N · S:U · C:H · I:H · A:H
EPSS: 0.77% (50.8th percentile)
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openfind | mailaudit | >= 5.0 < 5.2.10.099 | 5.2.10.099 |
| openfind | mailaudit | >= 6.0 < 6.1.10.054 | 6.1.10.054 |
| openfind | mailgates | >= 5.0 < 5.2.10.099 | 5.2.10.099 |
| openfind | mailgates | >= 6.0 < 6.1.10.054 | 6.1.10.054 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 9.3 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
VulDB
Openfind MailGates/MailAudit prior 5.2.10.099/6.1.10.054 stack-based overflow (EUVD-2026-23166)
vuldb·2026-04-16·CVSS 9.3
CVE-2026-6350 [CRITICAL] Openfind MailGates/MailAudit prior 5.2.10.099/6.1.10.054 stack-based overflow (EUVD-2026-23166)
A vulnerability marked as critical has been reported in Openfind MailGates and MailAudit. Affected is an unknown function. The manipulation leads to stack-based buffer overflow.
This vulnerability is documented as CVE-2026-6350. The attack can be initiated remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
GHSA
GHSA-6v5j-prr3-phf9: MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the pr
ghsa_unreviewed·2026-04-16
CVE-2026-6350 [CRITICAL] CWE-121 GHSA-6v5j-prr3-phf9: MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the pr
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-04-16