CVE-2026-29131 is a medium-severity LDAP injection vulnerability identified in SEPPmail Secure Email Gateway before version 15.0.3. The vulnerability stems from improper neutralization of special characters in LDAP queries (CWE-90), which allows an attacker to manipulate LDAP queries by injecting crafted input via email addresses. This manipulation can lead to unauthorized access to encrypted email contents intended for other users. The attack vector is network-based, requiring low attack complexity but limited privileges (authenticated user with some access). The vulnerability does not require user interaction and does not compromise the integrity or availability of the system but impacts confidentiality by exposing sensitive encrypted emails. The vulnerability has a CVSS 4.0 score of 4.9, reflecting a moderate risk. No public exploits are known, but the potential for data leakage is significant given the nature of the product as an email security gateway. The root cause is insufficient input validation and sanitization of LDAP query parameters, which can be exploited to bypass access controls. The vendor has addressed this issue in version 15.0.3, though no patch links are currently provided. Organizations relying on SEPPmail Secure Email Gateway should prioritize upgrading and review their LDAP query handling and email address validation mechanisms.

The primary impact of this vulnerability is unauthorized disclosure of encrypted email content, which compromises the confidentiality of sensitive communications. Organizations using SEPPmail Secure Email Gateway risk exposure of private emails to attackers who can craft malicious email addresses and have limited authenticated access. This could lead to leakage of sensitive corporate or personal information, intellectual property theft, or exposure of confidential communications. Although the vulnerability does not affect system integrity or availability, the breach of confidentiality can have serious reputational, legal, and compliance consequences, especially for sectors handling sensitive data such as finance, healthcare, government, and legal services. The medium CVSS score reflects moderate ease of exploitation combined with significant confidentiality impact. Since the product is used globally, organizations worldwide that rely on SEPPmail for secure email handling are at risk until patched.

1. Upgrade SEPPmail Secure Email Gateway to version 15.0.3 or later immediately to apply the official fix. 2. Implement strict input validation and sanitization on all user-supplied input, especially email addresses, to prevent LDAP injection. 3. Employ parameterized LDAP queries or prepared statements to avoid direct concatenation of user input into LDAP queries. 4. Conduct thorough code reviews and security testing focused on LDAP query construction and injection vectors. 5. Monitor logs for unusual LDAP query patterns or access attempts involving malformed email addresses. 6. Restrict authenticated user privileges to the minimum necessary to reduce the risk of exploitation. 7. Consider additional encryption or access controls on email content at rest to mitigate potential exposure. 8. Educate administrators and security teams about this vulnerability and ensure rapid incident response capability in case of exploitation.