What is GHSA-x76h-jjpq-cp24?

GHSA-x76h-jjpq-cp24 is a security advisory published by GitHub Security Advisories with Critical severity. SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for...

Which CVE IDs does GHSA-x76h-jjpq-cp24 cover?

GHSA-x76h-jjpq-cp24 covers the following CVE IDs: CVE-2026-44125. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-x76h-jjpq-cp24Critical

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for...

Vendor

GitHub Security Advisories

Published

May 8, 2026

Last Modified

May 18, 2026

🔗 CVE IDs covered (1)

CVE-2026-44125 →

📋 Description

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-44125
https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabilities_cve-2026-2743_cve-2026-7864_cve-2026-44127_cve-2026-44128
https://github.com/advisories/GHSA-x76h-jjpq-cp24