Search Vulnerabilities

ProxyAuth Addon LDAP Injection in mitmproxy

Apr 21, 2026

CVE-2026-40459

LDAP Injection in PAC4J

Apr 17, 2026

CVE-2026-40193

Maddy Mail Server: LDAP Filter Injection via Unsanitized Username

CVE-2026-0636

LDAP Injection Vulnerability in LDAPStoreHelper.java

CVE-2026-39962

LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

CVE-2026-34578

OPNsense has an LDAP Injection via Unsanitized Username in Authentication

CVE-2026-29138

PGP Decryption Sender LDAP Injection

CVE-2026-29131

PGP Decryption Recipient LDAP Injection

CVE-2026-27860

LOW

If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication

Mar 27, 2026

CVE-2026-33751

n8n Vulnerable to LDAP Filter Injection in LDAP Node

Mar 25, 2026

CVE-2026-33289

SuiterCRM has LDAP Filter Injection in Authentication Module

Mar 19, 2026

CVE-2026-31828

Parse Server has an LDAP injection via unsanitized user input in DN and group filter construction

Mar 10, 2026

CVE-2026-25560

CRITICAL

WeKan < 8.19 LDAP Authentication Filter Injection

Feb 7, 2026

CVE-2026-1498

WatchGuard Firebox LDAP Injection

Jan 30, 2026

CVE-2026-24130

Moonraker with LDAP Enabled Allows Malicious Search Filter Injection

Jan 22, 2026

CVE-2026-21880

Kanboard LDAP Injection Vulnerability can Lead to User Enumeration and Information Disclosure

Jan 8, 2026

CVE-2025-67493

Homarr issing input sanitization and possible privilege escalation through ldap search query injection

Dec 17, 2025

CVE-2025-35431

CISA Thorium LDAP injection

Sep 17, 2025

CVE-2025-48208

Apache HertzBeat (incubating): Jmx JNDI injection vulnerability

Sep 9, 2025

CVE-2025-52575

EspoCRM vulnerable to LDAP Injection through Improper Neutralization of Special Elements

Jul 21, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-40606

ProxyAuth Addon LDAP Injection in mitmproxy

Apr 21, 2026

CVE-2026-40459

LDAP Injection in PAC4J

Apr 17, 2026

CVE-2026-40193

Maddy Mail Server: LDAP Filter Injection via Unsanitized Username

CVE-2026-0636

LDAP Injection Vulnerability in LDAPStoreHelper.java

CVE-2026-39962

LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

CVE-2026-34578

OPNsense has an LDAP Injection via Unsanitized Username in Authentication

CVE-2026-29138

PGP Decryption Sender LDAP Injection

CVE-2026-29131

PGP Decryption Recipient LDAP Injection

CVE-2026-27860

LOW

If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication

Mar 27, 2026

CVE-2026-33751

n8n Vulnerable to LDAP Filter Injection in LDAP Node

Mar 25, 2026

CVE-2026-33289

SuiterCRM has LDAP Filter Injection in Authentication Module

Mar 19, 2026

CVE-2026-31828

Parse Server has an LDAP injection via unsanitized user input in DN and group filter construction

Mar 10, 2026

CVE-2026-25560

CRITICAL

WeKan < 8.19 LDAP Authentication Filter Injection

Feb 7, 2026

CVE-2026-1498

WatchGuard Firebox LDAP Injection

Jan 30, 2026

CVE-2026-24130

Moonraker with LDAP Enabled Allows Malicious Search Filter Injection

Jan 22, 2026

CVE-2026-21880

Kanboard LDAP Injection Vulnerability can Lead to User Enumeration and Information Disclosure

Jan 8, 2026

CVE-2025-67493

Homarr issing input sanitization and possible privilege escalation through ldap search query injection

Dec 17, 2025

CVE-2025-35431

CISA Thorium LDAP injection

Sep 17, 2025

CVE-2025-48208

Apache HertzBeat (incubating): Jmx JNDI injection vulnerability

Sep 9, 2025

CVE-2025-52575