HIGHCVE-2026-27444Published 2026-03-04Modified 2026-03-04CNA NCSC.ch

CVE-2026-27444: Header Email Address Parsing

SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it.

CVSS v4.0: 7.8
Severity: HIGH
Fixed in: 15.0.1
Affected Products: 1

Fix available

15.0.1

Affected packages

SEPPmail / Secure Email Gateway
< 15.0.1 (from 0)

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N

References

downloads.seppmail.com

Metrics

Fix available