cbcvebase.
CVE-2026-8811
published 2026-06-18

CVE-2026-8811: SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new…

PriorityP340high7.1CVSS 4.0
AVNACLATPPRLUINVCNVIHVALSCNSIHSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.32%
23.6th percentile
SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.

Affected

1 ranges
VendorProductVersion rangeFixed in
seppmail_agsecure_email_gateway< 15.0.515.0.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.