389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

PT-2026-49907

Name of the Vulnerable Software and Affected Versions Oracle Unified Directory versions 12.2.1.4.0 Oracle Unified Directory versions 14.1.2.1.0 Description An issue in the OUD Core component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via LDAP Lightweight...

CVE-2026-42568

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in org.yamcs.security.LdapAuthModule when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13...

CVE-2026-45559

CVE-2026-45559 affects Roxy-WI web interface (versions ≤ 8.2.6.4). The vulnerability arises from get_ldap_email in app/modules/roxywi/user.py, where the LDAP search filter is built via string concatenation and the URL username parameter is used verbatim without input validation or LDAP escaping. ...

CLDAP Analyzer with ASN.1 BER Encoding and Basic TLV Response Parser

This Python script implements a CLDAP Connectionless LDAP analyzer that builds and sends LDAP CLDAP discovery requests and parses responses using ASN.1 BER encoding and a basic TLV parser. It constructs a structured LDAP search request including DnsDomain, User, and NtVer filters, sends it over U...

This Week in Spring - June 9th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! Tons of releases coming out today and this week! So make sure you're pulling in the latest posts, as often as possible! Spring LDAP 2026.06 Releases - Contains CVE Fix Spring Framework 7.0.8 and 6.2.19 Available Now Spring...

CVE-2026-10549

LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database...

CVE-2026-45284

Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user OIDC after they where deleted. This issue has been patched in version 8.4.0...

CVE-2026-22574

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

Suricata 8.x < 8.0.5 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - LDAP transaction state could store an unbounded number of responses. Because LDAP can be processed over UDP, crafted traffic may cause Suricata to...

EUVD-2026-33710

Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user OIDC after they where deleted. This issue has been patched in version 8.4.0...

Improper Validation of Certificate with Host Mismatch

Overview org.apache.directory.api:api-ldap-client-api is a LDAP Client API. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the TLS server identity verification. An attacker can intercept and impersonate the server by presenting a...

CVE-2026-35563

It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certificate chain against a trusted authority, the absence of endpoint identification allows a valid...

PT-2026-45528

Name of the Vulnerable Software and Affected Versions Nextcloud versions 1.3.6 through 8.3.x Description An improper check in the authentication process allows users provided by LDAP to continue authenticating via user OIDC even after they have been deleted. Recommendations Update to version 8.4....

Nextcloud 访问控制错误漏洞

Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. In versions 1.3.6 to 8.4.0, there was a vulnerability related to access control. This vulnerability stemmed from improper checks, allowing users...

GHSA-HJJ4-HFJM-FMRJ Authelia Missing Username Canonicalization in Basic Auth (LDAP)

Impact CVSSv4 Baseline Score: Moderate 6.3 CVSSv4 Weighted Score: Low 2.9 The full CVSSv4 Vector for this vulnerability is:...

CVE-2026-9801 Keycloak: keycloak: denial of service via malformed ldap password policy response

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

CVE-2026-9801

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

PT-2026-44194

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw allows a remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker who has compromis...

CVE-2026-48918

Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default...