Email Gateway Subject Sanitization Bypass in SEPPmail
CVE-2026-29141

7.7HIGH

Key Information:

Vendor: Seppmail
Status: Secure Email Gateway
Vendor: CVE Published:; 2 April 2026

What is CVE-2026-29141?

The SEPPmail Secure Email Gateway prior to version 15.0.3 is susceptible to a subject sanitization bypass vulnerability. This issue enables attackers to manipulate email subjects by forging tags, such as [signed OK], potentially leading to misrepresentation and increased risk of phishing attacks.

Affected Version(s)

Secure Email Gateway 0 < 15.0.3

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.ht...

release-notes

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2026
Vulnerability Reserved
Mar 4, 2026

Credit

Andris Suter-Dörig

Matteo Scarlata

Kenny Paterson

CVE-2026-29141 Data

JSON

Seppmail

What is CVE-2026-29141?

Affected Version(s)

References

CVSS V4

Timeline

Credit