CVE-2026-44129

NONE

Risk Signal Score0/100 — NIEDRIG

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

Beschreibung

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code execution depending on the enabled template plugins.

Referenzen

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabiliti...