CVE-2026-29140

High CVSS: 7.7

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures.

Vendor

Product

CWE

CWE-295

Yayın Tarihi

2026-04-02 09:16:22

Güncelleme

2026-04-03 16:10:52

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-295 HIGH 2026

Referanslar

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503