5.3
CVE-2026-29135 - Webmail Password Tag Sanitization Bypass
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization.
5.3
CVE-2026-29134 - GINA Domain Switch
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions.
7.7
CVE-2026-29140 - S/MIME Signature Additional Certificate
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures.
5.3
CVE-2026-29133 - UID Regex Bypass
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address.
6.3
CVE-2026-29132 - ESWmail-Verify Bypass
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails.