Unauthorized Access in SEPPmail Secure Email Gateway by SEPPmail
CVE-2026-44125

9.3CRITICAL

Key Information:

Vendor: Seppmail Ag
Status: Secure Email Gateway
Vendor: CVE Published:; 8 May 2026

🔔 Create Seppmail Ag Vulnerability Alert

What is CVE-2026-44125?

The SEPPmail Secure Email Gateway, prior to version 15.0.4, contains a vulnerability that fails to adequately enforce authorization checks across various endpoints within the newly implemented GINA UI. This oversight enables unauthenticated remote attackers to gain access to functions that are intended to be restricted, potentially compromising sensitive data and system integrity.

Affected Version(s)

Secure Email Gateway 0 < 15.0.4

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.ht...

https://labs.infoguard.ch/posts/seppmail_secure_e-mail_ga...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
May 5, 2026

CVE-2026-44125 Data

JSON