Description
SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code execution depending on the enabled template plugins.
Published: 2026-05-08
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a server‑side template injection in the GINA UI of SEPPmail Secure Email Gateway. An endpoint accepts attacker‑controlled template input, allowing execution of arbitrary template expressions. Depending on the enabled template plugins, an attacker can gain remote code execution, compromising confidentiality, integrity, and availability. This weakness is identified as CWE‑1336.

Affected Systems

SEPPmail AG Secure Email Gateway versions prior to 15.0.4 are affected by the server‑side template injection in the GINA UI endpoint.

Risk and Exploitability

The CVSS score of 8.3 indicates high severity. No EPSS score is available, and the vulnerability is not listed in CISA's KEV catalog. Likely exploitation requires remote network access to the vulnerable endpoint; the attacker sends crafted requests that trigger template evaluation. The presence of enabled template plugins enables the full remote code execution path, so disabling or restricting plugins reduces risk.

Generated by OpenCVE AI on May 8, 2026 at 15:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update SEPPmail Secure Email Gateway to version 15.0.4 or later.
  • Restrict network access to the GINA UI endpoint to trusted administrators if an immediate upgrade is not feasible.
  • Disable or remove unnecessary template plugins to limit the attack surface.

Generated by OpenCVE AI on May 8, 2026 at 15:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 18 May 2026 16:45:00 +0000

Type Values Removed Values Added
References

Sun, 10 May 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Seppmail
Seppmail secure Email Gateway
Vendors & Products Seppmail
Seppmail secure Email Gateway

Fri, 08 May 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 08 May 2026 13:30:00 +0000

Type Values Removed Values Added
Description SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code execution depending on the enabled template plugins.
Title Server-side template injection
Weaknesses CWE-1336
References
Metrics cvssV4_0

{'score': 8.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Seppmail Secure Email Gateway
cve-icon MITRE

Status: PUBLISHED

Assigner: NCSC.ch

Published:

Updated: 2026-05-18T16:14:51.593Z

Reserved: 2026-05-05T12:56:43.132Z

Link: CVE-2026-44129

cve-icon Vulnrichment

Updated: 2026-05-08T14:13:17.013Z

cve-icon NVD

Status : Deferred

Published: 2026-05-08T14:16:46.007

Modified: 2026-05-18T17:16:33.037

Link: CVE-2026-44129

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-10T20:00:05Z

Weaknesses