CVE-2026-29138

Published: Apr 02, 2026 Last Modified: Apr 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,3

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own.

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Read Application Data Modify Application Data

Applicable Platforms

Technologies: Database Server

View CWE Details

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html…

https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerabil…

CVE-2026-29138

Description

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter