CVE-2026-27444

High CVSS: 7.8

SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it.

Vendor

Seppmail

Product

Seppmail

CWE

CWE-436

Yayın Tarihi

2026-03-04 09:15:56

Güncelleme

2026-03-05 15:34:43

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-436 Seppmail HIGH Seppmail 2026

Referanslar

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure

Benzer Kayıtlar

Critical

CVE-2026-2743

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected fea…

Medium

CVE-2026-2747

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding…

High

CVE-2026-2748

SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses…

Medium

CVE-2026-2746

SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, le…

Critical

CVE-2026-27442

The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenam…

High

CVE-2026-27443

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME en…