CVE Catalog
CVE-2026-44126
CriticalSummary
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which may allow unauthenticated remote attackers to execute code via a crafted serialized object.
Risk Assessment
This vulnerability poses a risk of remote code execution, potentially allowing an attacker to gain control over the system.
Recommendation
It is recommended to update SEPPmail Secure Email Gateway to version 15.0.4 or later to mitigate this vulnerability.
Original NVD description (English source)
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code via a crafted serialized object.

