{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-8811", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "state": "PUBLISHED", "assignerShortName": "NCSC.ch", "dateReserved": "2026-05-18T08:15:54.739Z", "datePublished": "2026-06-18T09:05:46.285Z", "dateUpdated": "2026-06-18T12:14:45.784Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2026-06-18T09:05:46.285Z"}, "title": "Path traversal in PDF generation module", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "CWE-22", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "affected": [{"vendor": "SEPPmail AG", "product": "Secure Email Gateway", "versions": [{"status": "affected", "version": "0", "lessThan": "15.0.5", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.</p>"}]}], "references": [{"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#possible-path-traversal-vulnerability"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 7.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L"}}], "credits": [{"lang": "en", "value": "Andris Suter-D\u00f6rig (ETH Z\u00fcrich, Applied Crypto Group)", "type": "finder"}, {"lang": "en", "value": "Olivier Becker (InfoGuard AG)", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-18T12:09:49.487273Z", "id": "CVE-2026-8811", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T12:14:45.784Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-8811", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-18T12:09:49.487273Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T12:14:26.049Z"}}], "cna": {"title": "Path traversal in PDF generation module", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Andris Suter-D\u00f6rig (ETH Z\u00fcrich, Applied Crypto Group)"}, {"lang": "en", "type": "finder", "value": "Olivier Becker (InfoGuard AG)"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SEPPmail AG", "product": "Secure Email Gateway", "versions": [{"status": "affected", "version": "0", "lessThan": "15.0.5", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#possible-path-traversal-vulnerability"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.", "supportingMedia": [{"type": "text/html", "value": "<p>SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2026-06-18T09:05:46.285Z"}}}, "cveMetadata": {"cveId": "CVE-2026-8811", "state": "PUBLISHED", "dateUpdated": "2026-06-18T12:14:45.784Z", "dateReserved": "2026-05-18T08:15:54.739Z", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "datePublished": "2026-06-18T09:05:46.285Z", "assignerShortName": "NCSC.ch"}, "dataVersion": "5.2"}

{}

{}

{}