Skip to main content

Secure Email Gateway CVE-2026-29144

| EUVDEUVD-2026-18168 HIGH
Improper Input Validation (CWE-20)
2026-04-02 NCSC.ch GHSA-vc5m-vgvg-698r
7.8
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 16, 2026 - 19:07 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 06:08 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
15.0.3
EUVD ID Assigned
Apr 02, 2026 - 09:00 euvd
EUVD-2026-18168
Analysis Generated
Apr 02, 2026 - 09:00 vuln.today
CVE Published
Apr 02, 2026 - 08:50 nvd
HIGH 7.8

DescriptionCVE.org

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters.

AnalysisAI

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security tags by exploiting Unicode lookalike characters, enabling email spoofing and phishing attacks that evade gateway security controls. This vulnerability affects all versions prior to 15.0.3, impacts organizations relying on SEPPmail for email security, and requires immediate patching. No public exploit code has been identified at the time of analysis.

Technical ContextAI

The vulnerability stems from insufficient input validation (CWE-20) in SEPPmail's subject line and security tag processing mechanisms. The root cause involves the gateway's failure to normalize or properly validate Unicode characters, allowing attackers to use visually similar Unicode lookalike characters (homoglyphs) to bypass sanitization filters designed to prevent subject line manipulation and forged security tags. Security tags are typically used by email gateways to indicate authentication status, encryption, or other security properties to end users; Unicode homoglyphs can make malicious content appear legitimate to human readers while technically satisfying the gateway's validation logic. The affected product is SEPPmail Secure Email Gateway, a message security and compliance appliance used for email filtering and policy enforcement.

RemediationAI

Vendor-released patch: upgrade SEPPmail Secure Email Gateway to version 15.0.3 or later. Organizations should apply this patch immediately, as the vulnerability enables trivial email spoofing attacks that directly undermine gateway security. Consult the official SEPPmail release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503 for upgrade procedures and any interim mitigations. No workarounds to block Unicode homoglyph attacks are practical without patching the underlying validation logic; temporary compensating controls such as user awareness training about suspicious visual artifacts in subjects may provide minimal defense pending patch deployment.

CVE-2024-9043 CRITICAL
9.8 Sep 20

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit

CVE-2024-20401 CRITICAL
9.8 Jul 17

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau

CVE-2024-6744 CRITICAL
9.8 Jul 15

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove

CVE-2026-44128 CRITICAL
9.3 May 08

Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e

CVE-2026-44125 CRITICAL
9.3 May 08

Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers

CVE-2026-44127 HIGH
8.8 May 08

Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur

CVE-2026-29143 HIGH
7.8 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte

CVE-2026-29139 HIGH
7.8 Apr 02

Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi

CVE-2026-29141 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls

CVE-2026-29140 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME

CVE-2026-8811 HIGH
7.1 Jun 18

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi

CVE-2026-7864 MEDIUM
6.9 May 08

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endp

Share

CVE-2026-29144 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy