CVE Catalog

CVE-2026-44126

Critical
Published: Translated: NVD NIST

Summary

SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which may allow unauthenticated remote attackers to execute code via a crafted serialized object.

Risk Assessment

This vulnerability poses a risk of remote code execution, potentially allowing an attacker to gain control over the system.

Recommendation

It is recommended to update SEPPmail Secure Email Gateway to version 15.0.4 or later to mitigate this vulnerability.

Original NVD description (English source)

SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code via a crafted serialized object.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS