CVE-2026-45344 | Kovah LinkAce up to 2.5.5 Mail Configuration injection (GHSA-37m5-936h-w455)
ID: 46ea66c2-1246-5c63-bd36-e8144a24c886
STIX ID: report--46ea66c2-1246-5c63-bd36-e8144a24c886
Feed Name: VulDB Recent Entries
Threat Score
LinkAce (<=2.5.5) has a critical injection vulnerability (CVE-2026-45344) in its setup/database configuration flow that can write attacker-controlled values into the .env file and enable remote command execution via mail configuration; upgrade to LinkAce 2.5.6 to remediate.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.