SEPPmail Secure Email Gateway - PGP Signature Verification Failure

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.9

SEPPmail Secure Email Gateway - PGP Signature Verification Failure

CVE-2026-2746

Summary

SEPPmail Secure Email Gateway before version 15.0.1 fails to inform users if an email's PGP signature is invalid, making it difficult to detect fake emails. This means users may unknowingly open or respond to emails that have been tampered with. To stay safe, update to version 15.0.1 or later.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
seppmail	seppmail	<= 15.0.1	–

Original title

SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails.

Original description

SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails.

nvd CVSS3.1 5.3

nvd CVSS4.0 6.9

Vulnerability type

CWE-347 Improper Verification of Cryptographic Signature

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerabili... Vendor Advisory

Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026