Skip to main content

Secure Email Gateway

24 CVEs product

Monthly

CVE-2026-8811 HIGH PATCH This Week

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write files outside the intended directory by manipulating attachment filenames processed during encrypted PDF generation. Files can be placed in web-accessible locations, enabling potential webshell deployment and integrity compromise. No public exploit identified at time of analysis; the issue was reported by NCSC.ch and is fixed in 15.0.5.

Path Traversal Secure Email Gateway
NVD
CVSS 4.0
7.1
EPSS
0.4%
CVE-2026-44125 CRITICAL PATCH Act Now

Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers to access privileged GINA UI endpoints without authentication. The vulnerability (CISA reported by Swiss NCSC) affects core access control mechanisms with CVSS 9.3 critical severity, allowing complete system compromise through network-accessible administrative interfaces. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, but the network-accessible attack vector with no authentication barrier presents immediate risk to internet-facing deployments.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-44128 CRITICAL PATCH Act Now

Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to execute arbitrary Perl code via the GINA UI. The vulnerability stems from an endpoint passing unsanitized user input directly to Perl's eval function, allowing complete system compromise. Reported by Switzerland's national CERT (NCSC.ch), this represents a critical pre-authentication attack surface requiring immediate patching.

Code Injection RCE Secure Email Gateway
NVD
CVSS 4.0
9.3
EPSS
0.3%
CVE-2026-44127 HIGH PATCH This Week

Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secure Email Gateway versions before 15.0.4 through path traversal in the /api.app/attachment/preview endpoint. The vulnerability allows exploitation without authentication or user interaction (CVSS:4.0 AV:N/AC:L/PR:N/UI:N), enabling attackers to exfiltrate sensitive configuration files, credentials, or email data, and selectively delete files with api.app process privileges. No active exploitation confirmed by CISA KEV at time of analysis, though the unauthenticated remote attack vector and file manipulation capabilities represent elevated risk for exposed email gateway appliances. Swiss NCSC disclosure suggests vendor-coordinated remediation.

Path Traversal Secure Email Gateway
NVD
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-7864 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the GINA UI, allowing remote attackers to retrieve sensitive system information including configuration details, internal paths, and potentially credentials. The vulnerability requires only network access to the affected endpoint with no authentication, authentication complexity, or user interaction; it is classified as an information disclosure flaw with limited confidentiality impact (CVSS 6.9).

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-29136 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated attackers to inject arbitrary HTML into notification emails about new CA certificates, enabling stored cross-site scripting (XSS) attacks against email recipients. An attacker with the ability to trigger CA certificate notifications can craft malicious HTML payloads that execute when recipients view the notification email, potentially leading to credential theft, malware distribution, or further compromise of email infrastructure. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Secure Email Gateway
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-29139 HIGH PATCH This Week

Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victim account passwords by abusing GINA account initialization functionality, enabling full mailbox compromise without requiring legitimate credentials or administrative access.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
7.8
EPSS
0.0%
CVE-2026-29144 HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security tags by exploiting Unicode lookalike characters, enabling email spoofing and phishing attacks that evade gateway security controls. This vulnerability affects all versions prior to 15.0.3, impacts organizations relying on SEPPmail for email security, and requires immediate patching. No public exploit code has been identified at the time of analysis.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
7.8
EPSS
0.1%
CVE-2026-29143 HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypted MIME entities, permitting attackers to manipulate trusted email headers and potentially forge message authenticity. This vulnerability affects the cryptographic validation layer of the gateway, enabling header injection attacks that could deceive users about message origin or content integrity. No CVSS score, EPSS data, or active exploitation confirmation is available in current intelligence.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
7.8
EPSS
0.1%
CVE-2026-29142 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to forge GINA-encrypted emails, compromising email authenticity and potentially enabling spoofing attacks. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch. No CVSS score is available, and exploitation status has not been independently confirmed at time of analysis.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-29137 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to conceal security tags from end users by submitting emails with excessively long subject lines, enabling potential phishing and message spoofing attacks by bypassing visual security indicators. The vulnerability affects all versions prior to 15.0.3 across the product line and has been reported by Switzerland's National Cyber Security Centre (NCSC.ch). No active exploitation has been confirmed, and no public exploit code is currently available.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-29141 HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls and forge authentication tags such as [signed OK], enabling email spoofing attacks that could deceive recipients into trusting fraudulent or malicious messages. The vulnerability affects all versions prior to 15.0.3 and has been publicly disclosed by NCSC.ch; no public exploit code or active exploitation has been independently confirmed at time of analysis.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-29135 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 permits attackers to craft malicious password-tags that circumvent subject line sanitization controls, potentially enabling unauthorized email manipulation or information disclosure. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch; no CVSS score or public exploit code has been published at the time of analysis.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-29134 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated external users to modify GINA webdomain metadata and bypass per-domain restrictions, enabling attackers to circumvent email security controls across isolated security domains. NCSC.ch reported this authentication bypass vulnerability affecting all versions prior to 15.0.3. The ability to modify domain-level metadata across organizational security boundaries represents a direct compromise of the gateway's core function to enforce per-domain policies.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-29140 HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME signatures, enabling them to substitute attacker-controlled certificates for future encryption communications with victims. An attacker can exploit this by crafting a specially-formed signed email that embeds unauthorized certificates, which the gateway may then use for subsequent encrypted messages to the targeted recipient, resulting in compromise of encryption confidentiality. No public exploit code or active CISA KEV listing is currently confirmed, but the vulnerability was reported by Swiss national security authority NCSC.ch.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
7.7
EPSS
0.0%
CVE-2026-29133 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to upload PGP keys with mismatched User IDs and email addresses, enabling spoofing and potential information disclosure by circumventing email authentication controls. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch. No public exploit code or active exploitation has been confirmed at the time of analysis.

Information Disclosure Secure Email Gateway
NVD
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-29132 MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows authenticated attackers with access to a victim's GINA account to bypass secondary password verification and directly access protected emails, circumventing a multi-factor authentication mechanism intended to protect sensitive correspondence.

Authentication Bypass Secure Email Gateway
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-20153 MEDIUM This Month

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Secure Email Gateway
NVD
CVSS 3.1
5.8
EPSS
0.1%
CVE-2024-9043 CRITICAL Act Now

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Secure Email Gateway
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-20401 CRITICAL Act Now

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Secure Email Gateway
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2024-6744 CRITICAL Act Now

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Secure Email Gateway
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-20120 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager Secure Email Gateway Web Security Appliance
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-20119 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager Secure Email Gateway Web Security Appliance
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-20028 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager Secure Email Gateway Web Security Appliance
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write files outside the intended directory by manipulating attachment filenames processed during encrypted PDF generation. Files can be placed in web-accessible locations, enabling potential webshell deployment and integrity compromise. No public exploit identified at time of analysis; the issue was reported by NCSC.ch and is fixed in 15.0.5.

Path Traversal Secure Email Gateway
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers to access privileged GINA UI endpoints without authentication. The vulnerability (CISA reported by Swiss NCSC) affects core access control mechanisms with CVSS 9.3 critical severity, allowing complete system compromise through network-accessible administrative interfaces. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, but the network-accessible attack vector with no authentication barrier presents immediate risk to internet-facing deployments.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to execute arbitrary Perl code via the GINA UI. The vulnerability stems from an endpoint passing unsanitized user input directly to Perl's eval function, allowing complete system compromise. Reported by Switzerland's national CERT (NCSC.ch), this represents a critical pre-authentication attack surface requiring immediate patching.

Code Injection RCE Secure Email Gateway
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secure Email Gateway versions before 15.0.4 through path traversal in the /api.app/attachment/preview endpoint. The vulnerability allows exploitation without authentication or user interaction (CVSS:4.0 AV:N/AC:L/PR:N/UI:N), enabling attackers to exfiltrate sensitive configuration files, credentials, or email data, and selectively delete files with api.app process privileges. No active exploitation confirmed by CISA KEV at time of analysis, though the unauthenticated remote attack vector and file manipulation capabilities represent elevated risk for exposed email gateway appliances. Swiss NCSC disclosure suggests vendor-coordinated remediation.

Path Traversal Secure Email Gateway
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the GINA UI, allowing remote attackers to retrieve sensitive system information including configuration details, internal paths, and potentially credentials. The vulnerability requires only network access to the affected endpoint with no authentication, authentication complexity, or user interaction; it is classified as an information disclosure flaw with limited confidentiality impact (CVSS 6.9).

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated attackers to inject arbitrary HTML into notification emails about new CA certificates, enabling stored cross-site scripting (XSS) attacks against email recipients. An attacker with the ability to trigger CA certificate notifications can craft malicious HTML payloads that execute when recipients view the notification email, potentially leading to credential theft, malware distribution, or further compromise of email infrastructure. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Secure Email Gateway
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victim account passwords by abusing GINA account initialization functionality, enabling full mailbox compromise without requiring legitimate credentials or administrative access.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security tags by exploiting Unicode lookalike characters, enabling email spoofing and phishing attacks that evade gateway security controls. This vulnerability affects all versions prior to 15.0.3, impacts organizations relying on SEPPmail for email security, and requires immediate patching. No public exploit code has been identified at the time of analysis.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypted MIME entities, permitting attackers to manipulate trusted email headers and potentially forge message authenticity. This vulnerability affects the cryptographic validation layer of the gateway, enabling header injection attacks that could deceive users about message origin or content integrity. No CVSS score, EPSS data, or active exploitation confirmation is available in current intelligence.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to forge GINA-encrypted emails, compromising email authenticity and potentially enabling spoofing attacks. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch. No CVSS score is available, and exploitation status has not been independently confirmed at time of analysis.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to conceal security tags from end users by submitting emails with excessively long subject lines, enabling potential phishing and message spoofing attacks by bypassing visual security indicators. The vulnerability affects all versions prior to 15.0.3 across the product line and has been reported by Switzerland's National Cyber Security Centre (NCSC.ch). No active exploitation has been confirmed, and no public exploit code is currently available.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls and forge authentication tags such as [signed OK], enabling email spoofing attacks that could deceive recipients into trusting fraudulent or malicious messages. The vulnerability affects all versions prior to 15.0.3 and has been publicly disclosed by NCSC.ch; no public exploit code or active exploitation has been independently confirmed at time of analysis.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 permits attackers to craft malicious password-tags that circumvent subject line sanitization controls, potentially enabling unauthorized email manipulation or information disclosure. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch; no CVSS score or public exploit code has been published at the time of analysis.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated external users to modify GINA webdomain metadata and bypass per-domain restrictions, enabling attackers to circumvent email security controls across isolated security domains. NCSC.ch reported this authentication bypass vulnerability affecting all versions prior to 15.0.3. The ability to modify domain-level metadata across organizational security boundaries represents a direct compromise of the gateway's core function to enforce per-domain policies.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME signatures, enabling them to substitute attacker-controlled certificates for future encryption communications with victims. An attacker can exploit this by crafting a specially-formed signed email that embeds unauthorized certificates, which the gateway may then use for subsequent encrypted messages to the targeted recipient, resulting in compromise of encryption confidentiality. No public exploit code or active CISA KEV listing is currently confirmed, but the vulnerability was reported by Swiss national security authority NCSC.ch.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to upload PGP keys with mismatched User IDs and email addresses, enabling spoofing and potential information disclosure by circumventing email authentication controls. The vulnerability affects all versions prior to 15.0.3 and was reported by NCSC.ch. No public exploit code or active exploitation has been confirmed at the time of analysis.

Information Disclosure Secure Email Gateway
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

SEPPmail Secure Email Gateway before version 15.0.3 allows authenticated attackers with access to a victim's GINA account to bypass secondary password verification and directly access protected emails, circumventing a multi-factor authentication mechanism intended to protect sensitive correspondence.

Authentication Bypass Secure Email Gateway
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Secure Email Gateway
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Secure Email Gateway
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Secure Email Gateway
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Email And Web Manager +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy