Researchers have disclosed a chain of vulnerabilities in SEPPmail Secure Email Gateway that lets an attacker turn unauthenticated web requests into remote code execution by inflating the SEPPMaillog file past its 10,000 KB limit, which forces newsyslog to rotate logs and signal syslogd to reload its configuration. Combined with the other flaws in the chain, the attacker reads all mail traffic on the appliance and persists indefinitely. SEPPmail has patched CVE-2026-44128 in version 15.0.2.1, CVE-2026-44126 in 15.0.3, and the rest in 15.0.4. The disclosure follows last month's CVE-2026-27441 (CVSS 9.5) OS command-execution fix in the same appliance.