PT-2026-50652 · Seppmail Ag · Secure Email Gateway

Andris Suter-Dörig

Published

2026-06-18

Updated

2026-06-18

CVE-2026-8811

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L

SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2026-8811

Affected Products

Secure Email Gateway

PT-2026-50652 · Seppmail Ag · Secure Email Gateway

CVE-2026-8811

Weakness Enumeration

Related Identifiers

Affected Products

References · 1