Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
SEPPmail Secure Email Gateway: PGP Data Exposure
CVE-2026-2747
Summary
A flaw in SEPPmail Secure Email Gateway allows sensitive information to be exposed to unauthorized users. This happens when the software decrypts emails with PGP encryption without properly separating the encrypted content from the rest of the unencrypted message. To fix this issue, update to version 15.0.1 or later.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| seppmail | seppmail | <= 15.0.1 | – |
Original title
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauth...
Original description
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.
nvd CVSS3.1
7.5
nvd CVSS4.0
6.9
Vulnerability type
CWE-200
Information Exposure
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026