S/MIME Signature Vulnerability in SEPPmail Secure Email Gateway
CVE-2026-29140

7.7HIGH

Key Information:

Vendor: Seppmail
Status: Secure Email Gateway
Vendor: CVE Published:; 2 April 2026

What is CVE-2026-29140?

The SEPPmail Secure Email Gateway prior to version 15.0.3 is susceptible to an S/MIME signature vulnerability that can allow an attacker to manipulate email communications by injecting attacker-controlled certificates. This issue permits unauthorized encryption of messages, potentially compromising sensitive information exchanged between victims.

Affected Version(s)

Secure Email Gateway 0 < 15.0.3

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.ht...

release-notes

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Mar 4, 2026

Credit

Andris Suter-Dörig

Matteo Scarlata

Kenny Paterson

CVE-2026-29140 Data

JSON

Seppmail

What is CVE-2026-29140?

Affected Version(s)

References

CVSS V4

Timeline

Credit