CVE-2026-29133

CRITICAL

UID Regex Bypass

Title source: cna

Description

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address.

References (1)

Scores

CVSS v3 9.1
EPSS 0.0005
EPSS Percentile 15.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-20
Status published
Products (2)
SEPPmail/Secure Email Gateway < 15.0.3
seppmail/secure_email_gateway < 15.0.3
Published Apr 02, 2026
Tracked Since Apr 02, 2026