Path Traversal in Seppmail Secure Email Gateway

CVE-2026-27442

The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (5.7th percentile) — read the EPSS interpretation.

Affected products

Seppmail Secure Email Gateway — versions 0

Weakness classification (CWE)

CWE-22 — Path Traversal

References

downloads.seppmail.com/extrelnotes/150/ERN15.0.html (release-notes)