Header Manipulation Vulnerability in SEPPmail Secure Email Gateway
CVE-2026-27443
8.2HIGH
What is CVE-2026-27443?
The SEPPmail Secure Email Gateway prior to version 15.0.1 contains a vulnerability that fails to adequately sanitize headers originating from S/MIME protected MIME entities. This insufficiency can be exploited by attackers to manipulate trusted headers, raising significant security concerns for users relying on the integrity of email communications.
Affected Version(s)
Secure Email Gateway 0 < 15.0.1
References
CVSS V4
Score:
8.2
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Andris Suter-Dörig
Matteo Scarlata
Kenny Paterson