CVE-2026-29143

High CVSS: 7.8

SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers.

Vendor

Product

CWE

CWE-20

Yayın Tarihi

2026-04-02 09:16:23

Güncelleme

2026-04-03 16:10:52

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-20 HIGH 2026

Referanslar

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503