Every CVE whose affected-product data names Seppmail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2026-2743 — CVSS 9.8 (critical): Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large…
CVE-2026-27441 — CVSS 9.8 (critical): SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution.
CVE-2026-27443 — CVSS 7.5 (high): SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME entities, allowing an…
CVE-2026-27444 — CVSS 7.5 (high): SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation…
CVE-2026-2747 — CVSS 7.5 (high): SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted…
CVE-2026-27442 — CVSS 7.5 (high): The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in…
CVE-2021-31739 — CVSS 6.1 (medium): The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML…
CVE-2021-31740 — CVSS 6.1 (medium): SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities…
CVE-2022-41871 — CVSS 6.0 (medium): SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in…
CVE-2026-27445 — CVSS 5.3 (medium): SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key…
CVE-2026-2746 — CVSS 5.3 (medium): SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable…
CVE-2026-2748 — CVSS 5.3 (medium): SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing…