CVE-2026-27445 | HackTesting

SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing.

Credits

Andris Suter-Dörig

Matteo Scarlata

Kenny Paterson

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure