Shodan
Vulnerabilities
Vulnerable Software
Seppmail:  Security Vulnerabilities
CVE-2026-29133
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-04-02
CVE-2026-29134
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-04-02
CVE-2026-29135
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-04-02
CVE-2026-29136
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-02
CVE-2026-2743
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
CVSS Score
10.0
EPSS Score
0.006
Published
2026-03-05
CVE-2026-2747
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-03-04
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-04
CVE-2026-2746
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-03-04
CVE-2026-27442
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway.
CVSS Score
9.3
EPSS Score
0.0
Published
2026-03-04
CVE-2026-27443
SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an attacker to control trusted headers.
CVSS Score
8.2
EPSS Score
0.001
Published
2026-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved