Command Injection Vulnerability in SEPPmail Secure Email Gateway
CVE-2026-27441

9.5CRITICAL

Key Information:

Vendor: Seppmail
Status: Secure Email Gateway
Vendor: CVE Published:; 4 March 2026

What is CVE-2026-27441?

The SEPPmail Secure Email Gateway prior to version 15.0.1 contains a security flaw related to the improper handling of PDF encryption passwords. This vulnerability can be exploited to execute OS commands remotely, posing a significant risk to the impacted systems. Proper updates and mitigations are essential to safeguard against potential threats.

Affected Version(s)

Secure Email Gateway 0 < 15.0.1

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.ht...

release-notes

CVSS V4

Score:

9.5

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 4, 2026
Vulnerability Reserved
Feb 19, 2026

Credit

Andris Suter-Dörig

Matteo Scarlata

Kenny Paterson

CVE-2026-27441 Data

JSON

Seppmail

What is CVE-2026-27441?

Affected Version(s)

References

CVSS V4

Timeline

Credit