Primary

Context

SEPPmail Secure Email Gateway PGP Key Upload Vulnerability

Vulnerability

Patched

A vulnerability in SEPPmail Secure Email Gateway versions prior to 15.0.3 allows attackers to upload PGP keys with user IDs that do not correspond to the associated email addresses. This could potentially be exploited to manipulate PGP key verification processes or to impersonate users.

Impact

Exploitation of this vulnerability could lead to incorrect PGP key verifications, allowing for potential impersonation of users or manipulation of encrypted communications.

Remediation

Users can update to SEPPmail Secure Email Gateway version 15.0.3 or later, where this vulnerability has been fixed.

Added: Apr 2, 2026, 9:21 AM

Updated: Apr 2, 2026, 9:21 AM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

0.6

exploitability

7.6

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SEPPmail Secure Email Gateway PGP Key Upload Vulnerability

Vulnerability

Impact

Remediation

Affected Products

SEPPmail Secure Email Gateway

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating