Cyber Posture

CVE-2026-29138

High

Published: 02 April 2026

Published
02 April 2026
Modified
16 April 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0004 13.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-29138 is a high-severity LDAP Injection (CWE-90) vulnerability in Seppmail Secure Email Gateway. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Timely application of the vendor patch in SEPPmail version 15.0.3 directly remediates the flaw enabling attackers to claim another user's PGP signature via crafted email addresses.

SI-10 Information Input Validation good match
prevent

Validating email address inputs in the Secure Email Gateway prevents specially crafted addresses from being processed to impersonate PGP signatures.

AU-10 Non-repudiation partial match
prevent

Implementing non-repudiation mechanisms ensures PGP signatures are properly bound to the correct user identities, mitigating unauthorized claims of another user's signature.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1656 Impersonation Stealth
Adversaries may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf.
attack.mitre.org →
T1672 Email Spoofing Stealth
Adversaries may fake, or spoof, a sender’s identity by modifying the value of relevant email headers in order to establish contact with victims under false pretenses.
attack.mitre.org →
Why these techniques?

Vuln in public-facing email gateway enables network exploitation (T1190); crafted address allows PGP signature impersonation (T1656) and email spoofing (T1672) with high integrity impact.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own.

Deeper analysisAI

CVE-2026-29138 is a vulnerability in SEPPmail Secure Email Gateway versions prior to 15.0.3. It enables attackers to use a specially crafted email address to claim another user's PGP signature as their own. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) and is linked to CWE-90.

The vulnerability can be exploited by any unauthenticated attacker accessible over the network, requiring low complexity and no user interaction. Successful exploitation results in high integrity impact, allowing the attacker to impersonate another user's PGP signature without affecting confidentiality or availability.

SEPPmail's release notes for version 15.0, available at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503, disclose the vulnerability and confirm that it is addressed in version 15.0.3. Security practitioners should update affected SEPPmail Secure Email Gateway installations to version 15.0.3 or later to mitigate the issue.

Details

CWE(s)
CWE-90

Affected Products

seppmail
secure email gateway
≤ 15.0.3

CVEs Like This One

CVE-2026-29131Same product: Seppmail Secure Email Gateway
CVE-2026-29134Same product: Seppmail Secure Email Gateway
CVE-2026-29143Same product: Seppmail Secure Email Gateway
CVE-2026-29135Same product: Seppmail Secure Email Gateway
CVE-2026-29139Same product: Seppmail Secure Email Gateway
CVE-2026-29132Same product: Seppmail Secure Email Gateway
CVE-2026-29133Same product: Seppmail Secure Email Gateway
CVE-2026-27443Same vendor: Seppmail
CVE-2026-27444Same vendor: Seppmail
CVE-2026-2743Same vendor: Seppmail

References