Lucene search
K
SeppmailSecure Email Gateway

14 matches found

CVE
CVE
added 2026/04/02 8:42 a.m.17 views

CVE-2026-29137

Affected product: SEPPmail Secure Email GatewayVulnerability: An attacker can hide security tags from users by crafting a long subject, affecting versions prior to 15.0.3.Root cause/impact: The long subject enables evasion of displayed security tags; CVSS metrics indicate medium severity with net...

5.3CVSS5.9AI score0.00189EPSS
CVE
CVE
added 2026/04/02 8:34 a.m.14 views

CVE-2026-29141

The CVE affects SEPPmail Secure Email Gateway prior to version 15.0.3 . The issue is an insufficient subject sanitization that allows an attacker to forge tags such as [signed OK] . Documented impact shows no confidentiality impact, but potential integrity impact (subsequent) is HIGH ; attack vec...

7.7CVSS5.9AI score0.00212EPSS
CVE
CVE
added 2026/04/02 8:44 a.m.14 views

CVE-2026-29142

The CVE affects SEPPmail Secure Email Gateway prior to version 15.0.3, where an attacker can forge a GINA-encrypted email. Affected product: SEPPmail Secure Email Gateway; root cause: improper handling of GINA encryption outside the intended trust boundary (as described in vulnerability notes). I...

6.3CVSS5.9AI score0.00126EPSS
CVE
CVE
added 2026/04/02 8:49 a.m.12 views

CVE-2026-29143

CVE-2026-29143 affects SEPPmail Secure Email Gateway prior to version 15.0.3. The issue is that the inner S/MIME-encrypted MIME entity is not properly authenticated, enabling an attacker to manipulate trusted headers. The root cause is insufficient verification of the inner message, with potentia...

9.1CVSS5.9AI score0.0025EPSS
CVE
CVE
added 2026/04/02 8:25 a.m.11 views

CVE-2026-29132

CVE-2026-29132 affects SEPPmail Secure Email Gateway prior to 15.0.3. An attacker who has access to a victim’s GINA account can bypass a second-password check and read protected emails. The vulnerability is documented across multiple feeds (NVD/Red Hat/EUVD/CIRCL, etc.), consistently stating the ...

7.5CVSS5.9AI score0.00251EPSS
CVE
CVE
added 2026/04/02 8:52 a.m.11 views

CVE-2026-29139

CVE-2026-29139 affects SEPPmail Secure Email Gateway prior to version 15.0.3. The root cause is misuse of GINA account initialization, which can be leveraged to reset a victim’s password and lead to account takeover. Documents indicate a network-exposed vulnerability with high/severe impact (an a...

9.8CVSS5.9AI score0.00274EPSS
CVE
CVE
added 2026/04/02 8:26 a.m.10 views

CVE-2026-29133

SEPPmail Secure Email Gateway is affected (versions before 15.0.3) by a vulnerability where an attacker can upload PGP keys with UIDs that do not match the associated email address. The root cause is inadequate UID validation for uploaded keys, enabling UID/address discrepancy. Documented impact ...

9.1CVSS5.9AI score0.00232EPSS
CVE
CVE
added 2026/04/02 8:29 a.m.10 views

CVE-2026-29134

SEPPmail Secure Email Gateway is affected prior to version 15.0.3. The issue allows an external user to modify GINA webdomain metadata and bypass per‑domain restrictions, arising from the ability to change GINA metadata rather than a broader exploit chain. Documents consistently describe the vuln...

7.5CVSS5.9AI score0.00225EPSS
CVE
CVE
added 2026/04/02 8:31 a.m.10 views

CVE-2026-29135

SEPPmail Secure Email Gateway is affected by CVE-2026-29135: versions prior to 15.0.3 allow an attacker to craft a password-tag that bypasses subject sanitization. The issue concerns the password-tag handling in the webmail/processing flow (no explicit exploit details provided in the documents). ...

7.5CVSS5.9AI score0.00252EPSS
CVE
CVE
added 2026/04/02 8:27 a.m.10 views

CVE-2026-29140

CVE-2026-29140 affects SEPPmail Secure Email Gateway prior to version 15.0.3. The issue allows an attacker to cause attacker-controlled certificates to be used for future encryption on a victim by inserting those certificates into S/MIME signatures. The root cause is not explicitly broken out bey...

7.7CVSS5.9AI score0.0012EPSS
CVE
CVE
added 2026/04/02 8:53 a.m.9 views

CVE-2026-29136

Affected software: SEPPmail Secure Email Gateway (pre-15.0.3). The issue is HTML injection in notification emails about new CA certificates, caused by and/or enabling injection into these messages. Impact is limited to the ability to inject HTML into CA-cert notification emails; no additional det...

6.1CVSS5.9AI score0.001EPSS
CVE
CVE
added 2026/04/02 8:47 a.m.9 views

CVE-2026-29138

SEPPmail Secure Email Gateway is affected by CVE-2026-29138 in versions prior to 15.0.3. The issue allows an attacker who sends a specially crafted email address to claim another user’s PGP signature as their own. Affected product/component: SEPPmail Secure Email Gateway; vulnerability type: misu...

7.5CVSS5.9AI score0.00217EPSS
CVE
CVE
added 2026/04/02 8:50 a.m.9 views

CVE-2026-29144

SEPPmail Secure Email Gateway vulnerability CVE-2026-29144 affects versions prior to 15.0.3. An attacker can bypass subject sanitization and forge security tags using Unicode lookalike characters. The documents do not provide exploitation details, affected product scope beyond the stated version ...

7.8CVSS5.9AI score0.00212EPSS
CVE
CVE
added 2026/04/02 8:46 a.m.8 views

CVE-2026-29131

SEPPmail Secure Email Gateway is affected up to version 15.0.3. A vulnerability in the PGP decryption recipient handling allows attackers who can craft a recipient email address to read emails encrypted for other users. The issue is identified as CVE-2026-29131. Connected sources corroborate the ...

7.5CVSS5.9AI score0.00226EPSS