CVE-2026-24130 Moonraker with LDAP Enabled Allows Malicious Search Filter Injection
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used t...