TWCERT published two high-severity vulnerability entries affecting enterprise software from Taiwanese vendors. Openfind MailGates/MailAudit is affected by CVE-2026-6351, a CWE-93 CRLF injection flaw that can be exploited by an unauthenticated remote attacker to read system files, creating a significant confidentiality risk. The issue was documented with CVSS v3.1 and v4.0 scoring and linked to TWCERT advisory references.
TWCERT also disclosed CVE-2026-5964 in Digiwin EasyFlow .NET, a CWE-89 SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL commands. Successful exploitation could let attackers read, modify, or delete database contents, affecting confidentiality, integrity, and availability. Both disclosures highlight externally reachable attack paths requiring no authentication and raise immediate patching and exposure-review concerns for organizations using the affected products.

3 events from the most recent confirmed update back to the earliest known activity.
TWCERT received a report for CVE-2026-5963 affecting Digiwin EasyFlow .NET, describing a SQL injection flaw that could let unauthenticated remote attackers execute arbitrary SQL commands. The vulnerability could allow reading, modifying, or deleting database contents, and advisory references were added on the TWCERT/CC website.
A vulnerability report for Digiwin EasyFlow .NET was received by twcert@cert.org.tw describing a SQL injection flaw that could allow unauthenticated remote attackers to execute arbitrary SQL commands. The issue could enable reading, modifying, and deleting database contents, with CWE-89 and high-impact CVSS vectors recorded.
A vulnerability report for Openfind MailGates/MailAudit was received by twcert@cert.org.tw describing a CRLF injection flaw that could let unauthenticated remote attackers read system files. The entry classifies the issue as CWE-93 and records high confidentiality impact in CVSS scoring.