CVE-2026-7864

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new…

NCSC.ch·CWE-497·Published 2026-05-08

CVSS

—

EPSS

0.14

KEV

Exploits

cve.orgen

210 chars

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information.

NVDen

210 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
4.0	Primary	cve.org	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
4.0	Secondary	NVD	6.9	—	—