← voltar
CVE-2026-44126

Insecure deserialization

CVSS 9.2 CRITICALEPSS 0.5%CWE-502
SEPPmail Secure Email Gateway before version 15.0.4 insecurely deserializes untrusted data, which can be reached from the new GINA UI and may allow unauthenticated remote attackers to execute code via a crafted serialized object.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
SEPPmail AG · Secure Email Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#securityhttps://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabilities_cve-2026-2743_cve-2026-7864_cve-2026-44127_cve-2026-44128/