CVE-2026-2747

Summary

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor.

Affected Software

VendorProductVersion RangeStatus
SEPPmailSecure Email Gateway0 < 15.0.1affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References