Browse all 6 CVE security advisories affecting Alinto. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Alinto provides secure communication and collaboration solutions, primarily serving organizations requiring encrypted messaging and document sharing. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation failures and misconfigured access controls. While no major public security incidents have been widely reported, the six CVEs on record highlight recurring issues in authentication mechanisms and API security. The platform's security posture appears typical for enterprise communication tools, with regular patching addressing identified weaknesses. Organizations implementing Alinto should prioritize timely updates and harden configurations against common web application vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33550 | SOGo 安全漏洞 — SOGoCWE-308 | 2.0 | Low | 2026-03-22 |
| CVE-2025-71276 | SOGo 跨站脚本漏洞 — SOGoCWE-79 | 6.4 | Medium | 2026-03-22 |
| CVE-2026-3054 | Alinto SOGo cross site scripting — SOGoCWE-79 | 4.3 | Medium | 2026-02-24 |
| CVE-2025-53603 | SOGo 代码问题漏洞 — SOPECWE-476 | 7.5 | High | 2025-07-05 |
| CVE-2022-4556 | Alinto SOGo Identity SOGoUserDefaults.m _migrateMailIdentities cross site scripting — SOGoCWE-707 | 3.5 | Low | 2022-12-16 |
| CVE-2022-4558 | Alinto SOGo Folder/Mail NSString+Utilities.m cross site scripting — SOGoCWE-707 | 3.5 | Low | 2022-12-16 |
This page lists every published CVE security advisory associated with Alinto. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.