Primary

Context

SEPPmail Secure Email Gateway PGP Decryption Vulnerability Allowing Information Exposure

Vulnerability

Patched

A vulnerability exists in SEPPmail Secure Email Gateway versions prior to 15.0.1, where inline PGP messages are decrypted without proper isolation from surrounding unencrypted text. This flaw can lead to unauthorized exposure of sensitive information.

Impact

Exploitation of this vulnerability could result in unauthorized disclosure of sensitive information by mixing decrypted PGP content with unencrypted material, potentially leading to information leaks.

Remediation

Users can update to SEPPmail Secure Email Gateway version 15.0.1 or later to address this vulnerability.

Added: Mar 4, 2026, 9:18 AM

Updated: Mar 4, 2026, 9:18 AM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

3.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SEPPmail Secure Email Gateway PGP Decryption Vulnerability Allowing Information Exposure

Vulnerability

Impact

Remediation

Affected Products

SEPPmail Secure Email Gateway

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating