A vulnerability, which was classified as critical , has been found in Alinto SOGo up to 5.12.6 . Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is documented as CVE-2026-46445 . The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.