Seppmail Secure Email Gateway
22 CVEs affecting Seppmail Secure Email Gateway. Latest disclosed: 2026-04-02. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-29136 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates. | |
CVE-2026-29139 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password. | |
CVE-2026-29144 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike character… | |
CVE-2026-29143 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to… | |
CVE-2026-29138 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own. | |
CVE-2026-29131 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other… | |
CVE-2026-29142 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email. | |
CVE-2026-29137 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject. | |
CVE-2026-29141 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as [signed OK]. | |
CVE-2026-29135 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization. | |
CVE-2026-29134 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions. | |
CVE-2026-29140 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim b… | |
CVE-2026-29133 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address. | |
CVE-2026-29132 | | 2026-04-02 | SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protec… | |
CVE-2026-27441 | | 2026-03-04 | SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution. | |
CVE-2026-2748 | | 2026-03-04 | SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signat… | |
CVE-2026-27442 | | 2026-03-04 | The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing a… | |
CVE-2026-27445 | | 2026-03-04 | SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofin… | |
CVE-2026-27444 | | 2026-03-04 | SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other… | |
CVE-2026-2747 | | 2026-03-04 | SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure… |