Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
SEPPmail Gateway Exposes Encrypted Email Attachments to Malicious Access
CVE-2026-27442
Summary
A security flaw in the SEPPmail Gateway's email interface allows hackers to access files attached to encrypted emails. This means that even if an email is encrypted, an attacker could potentially access the files it contains. To protect your system, update to version 15.0.1 or later.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| seppmail | seppmail | <= 15.0.1 | – |
Original title
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gate...
Original description
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway.
nvd CVSS3.1
7.5
nvd CVSS4.0
9.3
Vulnerability type
CWE-22
Path Traversal
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026