CVE-2026-44126

SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code via a crafted serialized object...

CVE-2026-44126

CVE-2026-44126 affects SEPPmail Secure Email Gateway (pre-15.0.4). The issue is insecure deserialization of untrusted data reachable from the new GINA UI, enabling unauthenticated remote code execution via a crafted serialized object. Exploit details, affected versions, and exact remediation are ...

CVE-2026-44125 Missing Authorization in GINAv2

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session...

CVE-2026-44125 Missing Authorization in GINAv2

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session...

CVE-2026-44125

Affected product/variant: SEPPmail Secure Email Gateway (GINA UI). Vulnerability summary: Versions before 15.0.4 fail to enforce authorization checks on multiple endpoints in the new GINA UI, enabling unauthenticated remote access to functionality that should require a valid session. Impact (as s...

CVE-2026-44129 Server-side template injection

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code executio...

CVE-2026-44129

CVE-2026-44129 affects SEPPmail Secure Email Gateway prior to version 15.0.4, where a server-side template injection exists in the new GINA UI. An endpoint accepts attacker-controlled templates, enabling remote attackers to execute arbitrary template expressions and potentially achieve remote cod...

CVE-2026-44128 Unauthenticated Remote Code Execution

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval...

CVE-2026-44128 Unauthenticated Remote Code Execution

SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval...

CVE-2026-44128

CVE-2026-44128 affects SEPPmail Secure Email Gateway prior to version 15.0.2.1. The root cause is unauthenticated remote code execution caused by passing attacker-controlled input from a parameter to Perl’s eval in the new GINA UI. This leads to full compromise without authentication, as indicate...

CVE-2026-7864 Exposure of Sensitive Information to an Unauthorized Actor

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information...

CVE-2026-7864

SEPPmail Secure Email Gateway is affected by CVE-2026-7864: versions prior to 15.0.4 expose server environment variables via an unauthenticated endpoint in the new GINA UI, enabling remote attackers to obtain sensitive system information. Affected component is the GINA UI backend exposing environ...

SUSE CVE-2026-7897

Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-7991

Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-8015

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

SUSE CVE-2026-8019

Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.4 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks for multiple endpoints in...

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.2.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of the eval function in the new GINA UI, allowing...

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.4 contained security vulnerabilities. These vulnerabilities stemmed from templates accepted by the new GINA UI that could be...

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.4 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated endpoints in the new GINA UI, which exposed...