Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
26 vulnerabilities by seppmail
CVE-2026-29136 (GCVE-0-2026-29136)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:53 – Updated: 2026-04-02 13:30
VLAI?
Title
CA Notification HTML Injection
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-Site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:30:34.131339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:30:44.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-Site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:53:55.324Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "CA Notification HTML Injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29136",
"datePublished": "2026-04-02T08:53:55.324Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T13:30:44.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29139 (GCVE-0-2026-29139)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:52 – Updated: 2026-04-02 13:31
VLAI?
Title
GINA State Confusion Account Takeover
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password.
Severity ?
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:31:47.281688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:31:56.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password."
}
],
"impacts": [
{
"capecId": "CAPEC-74",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-74 Manipulating State"
}
]
},
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:52:07.792Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "GINA State Confusion Account Takeover",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29139",
"datePublished": "2026-04-02T08:52:07.792Z",
"dateReserved": "2026-03-04T09:08:03.278Z",
"dateUpdated": "2026-04-02T13:31:56.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29144 (GCVE-0-2026-29144)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:50 – Updated: 2026-04-02 13:32
VLAI?
Title
Unicode Subject Tags
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29144",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:32:44.731737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:32:54.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters."
}
],
"impacts": [
{
"capecId": "CAPEC-632",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-632 Homograph Attack via Homoglyphs"
}
]
},
{
"capecId": "CAPEC-473",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-473 Signature Spoof"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:50:55.713Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "Unicode Subject Tags",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29144",
"datePublished": "2026-04-02T08:50:55.713Z",
"dateReserved": "2026-03-04T09:08:07.342Z",
"dateUpdated": "2026-04-02T13:32:54.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29143 (GCVE-0-2026-29143)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:49 – Updated: 2026-04-02 13:34
VLAI?
Title
S/MIME Decryption Impersonation
Summary
SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:34:22.865322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:34:31.668Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers."
}
],
"impacts": [
{
"capecId": "CAPEC-43",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-43 Exploiting Multiple Input Interpretation Layers"
}
]
},
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:49:31.012Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "S/MIME Decryption Impersonation",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29143",
"datePublished": "2026-04-02T08:49:31.012Z",
"dateReserved": "2026-03-04T09:08:07.342Z",
"dateUpdated": "2026-04-02T13:34:31.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29138 (GCVE-0-2026-29138)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:47 – Updated: 2026-04-02 14:32
VLAI?
Title
PGP Decryption Sender LDAP Injection
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own.
Severity ?
CWE
- CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:32:47.151158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:32:59.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user\u0027s PGP signature as their own."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user\u0027s PGP signature as their own."
}
],
"impacts": [
{
"capecId": "CAPEC-136",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-136 LDAP Injection"
}
]
},
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-90",
"description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:47:49.544Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "PGP Decryption Sender LDAP Injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29138",
"datePublished": "2026-04-02T08:47:49.544Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T14:32:59.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29131 (GCVE-0-2026-29131)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:46 – Updated: 2026-04-02 13:31
VLAI?
Title
PGP Decryption Recipient LDAP Injection
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users.
Severity ?
CWE
- CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29131",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:16:53.366492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:31:31.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users."
}
],
"impacts": [
{
"capecId": "CAPEC-136",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-136 LDAP Injection"
}
]
},
{
"capecId": "CAPEC-116",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-116 Excavation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-90",
"description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:46:15.928Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "PGP Decryption Recipient LDAP Injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29131",
"datePublished": "2026-04-02T08:46:15.928Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T13:31:31.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29142 (GCVE-0-2026-29142)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:44 – Updated: 2026-04-02 13:31
VLAI?
Title
Plaintext secure-mail.html
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email.
Severity ?
CWE
- CWE-325 - Missing Cryptographic Step
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:21:07.474508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:31:40.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email."
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-325",
"description": "CWE-325 Missing Cryptographic Step",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:44:51.968Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "Plaintext secure-mail.html",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29142",
"datePublished": "2026-04-02T08:44:51.968Z",
"dateReserved": "2026-03-04T09:08:07.342Z",
"dateUpdated": "2026-04-02T13:31:40.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29137 (GCVE-0-2026-29137)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:42 – Updated: 2026-04-02 13:31
VLAI?
Title
Long Subject Untagging
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:22:29.370933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:31:46.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject."
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:42:38.281Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "Long Subject Untagging",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29137",
"datePublished": "2026-04-02T08:42:38.281Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T13:31:46.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29141 (GCVE-0-2026-29141)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:34 – Updated: 2026-04-02 14:40
VLAI?
Title
Bounded Subject Tag Sanitization
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as [signed OK].
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:40:30.793493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:40:50.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as [signed OK]."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as [signed OK]."
}
],
"impacts": [
{
"capecId": "CAPEC-473",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-473 Signature Spoof"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:34:32.933Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "Bounded Subject Tag Sanitization",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29141",
"datePublished": "2026-04-02T08:34:32.933Z",
"dateReserved": "2026-03-04T09:08:07.342Z",
"dateUpdated": "2026-04-02T14:40:50.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29135 (GCVE-0-2026-29135)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:31 – Updated: 2026-04-02 14:41
VLAI?
Title
Webmail Password Tag Sanitization Bypass
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:41:31.079621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:41:45.142Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization."
}
],
"impacts": [
{
"capecId": "CAPEC-43",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-43 Exploiting Multiple Input Interpretation Layers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:31:52.227Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "Webmail Password Tag Sanitization Bypass",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29135",
"datePublished": "2026-04-02T08:31:52.227Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T14:41:45.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29134 (GCVE-0-2026-29134)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:29 – Updated: 2026-04-02 14:42
VLAI?
Title
GINA Domain Switch
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions.
Severity ?
CWE
- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:42:26.143187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:42:41.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:29:20.693Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "GINA Domain Switch",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29134",
"datePublished": "2026-04-02T08:29:20.693Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T14:42:41.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29140 (GCVE-0-2026-29140)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:27 – Updated: 2026-04-02 14:48
VLAI?
Title
S/MIME Signature Additional Certificate
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures.
Severity ?
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:48:38.931386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:48:53.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures."
}
],
"impacts": [
{
"capecId": "CAPEC-216",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-216 Communication Channel Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:27:52.154Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "S/MIME Signature Additional Certificate",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29140",
"datePublished": "2026-04-02T08:27:52.154Z",
"dateReserved": "2026-03-04T09:08:07.342Z",
"dateUpdated": "2026-04-02T14:48:53.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29133 (GCVE-0-2026-29133)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:26 – Updated: 2026-04-02 14:50
VLAI?
Title
UID Regex Bypass
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:50:11.761620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:50:21.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address."
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:26:26.949Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "UID Regex Bypass",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29133",
"datePublished": "2026-04-02T08:26:26.949Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T14:50:21.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-29132 (GCVE-0-2026-29132)
Vulnerability from cvelistv5 – Published: 2026-04-02 08:25 – Updated: 2026-04-02 14:50
VLAI?
Title
ESWmail-Verify Bypass
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails.
Severity ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.3
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-29132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:50:46.244390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:50:57.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.3",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim\u0027s GINA account to bypass a second-password check and read protected emails."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim\u0027s GINA account to bypass a second-password check and read protected emails."
}
],
"impacts": [
{
"capecId": "CAPEC-87",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-87 Forceful Browsing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T08:25:00.574Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-03-03T00:00:00.000Z",
"value": "Version 15.0.3 released"
}
],
"title": "ESWmail-Verify Bypass",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-29132",
"datePublished": "2026-04-02T08:25:00.574Z",
"dateReserved": "2026-03-04T09:08:03.277Z",
"dateUpdated": "2026-04-02T14:50:57.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2743 (GCVE-0-2026-2743)
Vulnerability from cvelistv5 – Published: 2026-03-05 06:45 – Updated: 2026-03-05 15:18
VLAI?
Title
SEPPmail User Web Interface Arbitrary File Write to RCE
Summary
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
Severity ?
CWE
Assigner
References
Credits
Manuel Feifel and Dario Weiss of InfoGuard Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T15:18:18.048322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T15:18:26.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"GINA User Web Interface"
],
"platforms": [
"Linux"
],
"product": "SeppMail",
"vendor": "SeppMail",
"versions": [
{
"lessThanOrEqual": "15.0.2.1",
"status": "affected",
"version": "unknown",
"versionType": "-"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Manuel Feifel and Dario Weiss of InfoGuard Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). \u003cp\u003eThis issue affects SeppMail: 15.0.2.1 and before\u003c/p\u003e"
}
],
"value": "Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"exploitMaturity": "ATTACKED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T06:45:21.753Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html"
},
{
"url": "https://labs.infoguard.ch/advisories/seppmail"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SEPPmail User Web Interface Arbitrary File Write to RCE",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-2743",
"datePublished": "2026-03-05T06:45:21.753Z",
"dateReserved": "2026-02-19T12:28:37.148Z",
"dateUpdated": "2026-03-05T15:18:26.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27441 (GCVE-0-2026-27441)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:49 – Updated: 2026-03-04 16:12
VLAI?
Title
PDF Password CMDi
Summary
SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27441",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T16:06:51.486726Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T16:12:24.028Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:49:30.946Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Version 15.0.1 released"
}
],
"title": "PDF Password CMDi",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-27441",
"datePublished": "2026-03-04T08:49:30.946Z",
"dateReserved": "2026-02-19T13:56:28.868Z",
"dateUpdated": "2026-03-04T16:12:24.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2748 (GCVE-0-2026-2748)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:48 – Updated: 2026-03-04 16:55
VLAI?
Title
S/MIME Certificate Subject Whitespace
Summary
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing.
Severity ?
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T16:51:21.240988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T16:55:03.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing."
}
],
"impacts": [
{
"capecId": "CAPEC-473",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-473 Signature Spoof"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:48:58.786Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "SEPPmail version 15.0.1 released"
}
],
"title": "S/MIME Certificate Subject Whitespace",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-2748",
"datePublished": "2026-03-04T08:48:58.786Z",
"dateReserved": "2026-02-19T13:56:33.534Z",
"dateUpdated": "2026-03-04T16:55:03.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27442 (GCVE-0-2026-27442)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:48 – Updated: 2026-03-04 19:08
VLAI?
Title
zip_attachments Path Traversal
Summary
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T19:07:50.991680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T19:08:48.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway."
}
],
"value": "The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:48:23.128Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Version 15.0.1 released"
}
],
"title": "zip_attachments Path Traversal",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-27442",
"datePublished": "2026-03-04T08:48:23.128Z",
"dateReserved": "2026-02-19T13:56:28.869Z",
"dateUpdated": "2026-03-04T19:08:48.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27445 (GCVE-0-2026-27445)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:47 – Updated: 2026-03-04 19:26
VLAI?
Title
PGP Signature Reflection
Summary
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing.
Severity ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T19:20:17.205226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T19:26:51.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing."
}
],
"impacts": [
{
"capecId": "CAPEC-473",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-473 Signature Spoof"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:47:39.953Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Version 15.0.1 released"
}
],
"title": "PGP Signature Reflection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-27445",
"datePublished": "2026-03-04T08:47:39.953Z",
"dateReserved": "2026-02-19T13:56:28.869Z",
"dateUpdated": "2026-03-04T19:26:51.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27444 (GCVE-0-2026-27444)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:47 – Updated: 2026-03-04 19:28
VLAI?
Title
Header Email Address Parsing
Summary
SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it.
Severity ?
CWE
- CWE-436 - Interpretation Conflict
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T19:28:45.431055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T19:28:55.122Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it."
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:47:05.758Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Version 15.0.1 released"
}
],
"title": "Header Email Address Parsing",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-27444",
"datePublished": "2026-03-04T08:47:05.758Z",
"dateReserved": "2026-02-19T13:56:28.869Z",
"dateUpdated": "2026-03-04T19:28:55.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2747 (GCVE-0-2026-2747)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:46 – Updated: 2026-03-04 19:38
VLAI?
Title
PGP Mixed Plaintext and Encrypted Content
Summary
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T19:36:54.535714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T19:38:50.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor."
}
],
"impacts": [
{
"capecId": "CAPEC-116",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-116 Excavation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:46:16.801Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "SEPPmail version 15.0.1 released"
}
],
"title": "PGP Mixed Plaintext and Encrypted Content",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-2747",
"datePublished": "2026-03-04T08:46:16.801Z",
"dateReserved": "2026-02-19T13:56:32.153Z",
"dateUpdated": "2026-03-04T19:38:50.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27443 (GCVE-0-2026-27443)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:45 – Updated: 2026-03-04 19:41
VLAI?
Title
S/MIME Decryption Tag Sanitization Bypass
Summary
SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T19:41:06.950808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T19:41:41.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers."
}
],
"impacts": [
{
"capecId": "CAPEC-43",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-43 Exploiting Multiple Input Interpretation Layers"
}
]
},
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:45:23.130Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "Version 15.0.1 released"
}
],
"title": "S/MIME Decryption Tag Sanitization Bypass",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-27443",
"datePublished": "2026-03-04T08:45:23.130Z",
"dateReserved": "2026-02-19T13:56:28.869Z",
"dateUpdated": "2026-03-04T19:41:41.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2746 (GCVE-0-2026-2746)
Vulnerability from cvelistv5 – Published: 2026-03-04 08:44 – Updated: 2026-03-04 21:26
VLAI?
Title
Missing PGP Signature Tag
Summary
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails.
Severity ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SEPPmail | Secure Email Gateway |
Affected:
0 , < 15.0.1
(custom)
|
Credits
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T21:26:12.416325Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T21:26:24.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secure Email Gateway",
"vendor": "SEPPmail",
"versions": [
{
"lessThan": "15.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail_secure_email_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.1",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Andris Suter-D\u00f6rig"
},
{
"lang": "en",
"type": "coordinator",
"value": "Matteo Scarlata"
},
{
"lang": "en",
"type": "coordinator",
"value": "Kenny Paterson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails."
}
],
"value": "SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails."
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T08:44:31.726Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-10-31T14:22:00.000Z",
"value": "Vulnerability disclosed to SEPPmail"
},
{
"lang": "en",
"time": "2026-01-06T00:00:00.000Z",
"value": "SEPPmail version 15.0.1 released"
}
],
"title": "Missing PGP Signature Tag",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2026-2746",
"datePublished": "2026-03-04T08:44:31.726Z",
"dateReserved": "2026-02-19T13:56:30.878Z",
"dateUpdated": "2026-03-04T21:26:24.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-41871 (GCVE-0-2022-41871)
Vulnerability from cvelistv5 – Published: 2025-04-28 00:00 – Updated: 2025-04-28 15:56
VLAI?
Summary
SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.
Severity ?
6 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41871",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-28T15:56:42.583527Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T15:56:47.887Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SEPPmail",
"vendor": "SEPPmail",
"versions": [
{
"status": "affected",
"version": "12.1.17",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seppmail:seppmail:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1.17",
"versionStartIncluding": "12.1.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T15:32:42.712Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.seppmail.com/products/"
},
{
"url": "https://code-white.com/public-vulnerability-list/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-41871",
"datePublished": "2025-04-28T00:00:00.000Z",
"dateReserved": "2022-09-30T00:00:00.000Z",
"dateUpdated": "2025-04-28T15:56:47.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31740 (GCVE-0-2021-31740)
Vulnerability from cvelistv5 – Published: 2022-11-30 00:00 – Updated: 2025-04-25 14:40
VLAI?
Summary
SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS).
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-31740",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T14:40:00.138399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T14:40:46.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SEPPMail\u0027s web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-30T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31740",
"datePublished": "2022-11-30T00:00:00.000Z",
"dateReserved": "2021-04-23T00:00:00.000Z",
"dateUpdated": "2025-04-25T14:40:46.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31739 (GCVE-0-2021-31739)
Vulnerability from cvelistv5 – Published: 2022-11-18 00:00 – Updated: 2025-04-29 19:17
VLAI?
Summary
The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address.
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-31739",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T19:17:26.086138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T19:17:51.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-seppmail/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31739",
"datePublished": "2022-11-18T00:00:00.000Z",
"dateReserved": "2021-04-23T00:00:00.000Z",
"dateUpdated": "2025-04-29T19:17:51.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}