CVE-2026-44129

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published May 08, 2026

Vendor unknown

Description

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code execution depending on the enabled template plugins.

References

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security