← Back

CVE-2026-2747

nvd nist
Published: Mar 4, 2026Modified: Mar 5, 2026

JSON object

Loading...
6.9
Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: vulnerability@ncsc.ch (Secondary)

Description

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.

Affected (1)

Products: Seppmail: Seppmail
Seppmail
1 product
Seppmail
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Seppmail
Before 15.0.1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

Source: vulnerability@ncsc.ch
Vendor Advisory

Timeline

No history available yet.