Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject.
AnalysisAI
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to conceal security tags from end users by submitting emails with excessively long subject lines, enabling potential phishing and message spoofing attacks by bypassing visual security indicators. The vulnerability affects all versions prior to 15.0.3 across the product line and has been reported by Switzerland's National Cyber Security Centre (NCSC.ch). No active exploitation has been confirmed, and no public exploit code is currently available.
Technical ContextAI
SEPPmail Secure Email Gateway is an email security appliance that applies cryptographic signatures and security tags to classify messages (legitimate, phishing risk, etc.) for end-user awareness. The vulnerability stems from improper input validation (CWE-20: Improper Input Validation) in the subject line processing logic. When a subject line exceeds a certain length threshold, the gateway's tag-rendering engine fails to properly display or apply security tags to the message presentation layer. This allows an attacker to craft emails with intentionally long subjects that cause the security tag display mechanism to be bypassed or truncated, leaving recipients without visual indicators of message authenticity or risk classification. The issue is not a cryptographic weakness but a user interface bypass in the email client rendering layer.
RemediationAI
Vendor-released patch: SEPPmail Secure Email Gateway version 15.0.3 and later. Organizations running SEPPmail should upgrade immediately to version 15.0.3 or higher. No workarounds for this vulnerability are documented; patching is the primary mitigation. For detailed upgrade procedures and release notes, refer to the vendor's release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503. Administrators should verify successful deployment of the patched version and confirm that security tag rendering is functioning correctly on representative test emails.
More in Secure Email Gateway
View allSecure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove
Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e
Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers
Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t
SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte
Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME
Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi
Same weakness CWE-20 – Improper Input Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18154