CVE-2026-29136 in SEPPmail Secure Email Gateway
Summary
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates.
Responsible
NCSC.ch
Reservation
03/04/2026
Disclosure
04/02/2026
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 354842 | SEPPmail Secure Email Gateway Notification cross site scripting | 79 | Not defined | Official fix | CVE-2026-29136 |