CVE Catalog
CVE-2026-44128
CriticalSummary
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval.
Risk Assessment
Exploitation of this vulnerability could lead to full system compromise, posing a serious threat to the organization's data security.
Recommendation
It is recommended to upgrade to version 15.0.2.1 or later to mitigate the risk associated with this vulnerability.
Original NVD description (English source)
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval.

