CVE-2026-42568

CVE-2026-42568 affects YAMCS when LdapAuthModule is configured. The root cause is that the username parameter is inserted directly into LDAP search filters without RFC 4515 escaping, enabling an authentication bypass (e.g., username=*) and potentially granting access to tokens for first matching ...

CVE-2026-42568 Yamcs Vulnerable to LDAP Injection in LdapAuthModule

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in org.yamcs.security.LdapAuthModule when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13...

CVE-2026-42568 Yamcs Vulnerable to LDAP Injection in LdapAuthModule

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in org.yamcs.security.LdapAuthModule when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13...

Code Injection

Yamcs is vulnerable to Code Injection. The vulnerability is due to the dynamic compilation and execution of user-controlled Python algorithm code through Jython without a secure sandbox, which allows an authenticated attacker to execute arbitrary code on the underlying host system...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. There are security vulnerabilities in YAMCS, and attackers can exploit these vulnerabilities to perform LDAP injection...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. Yamcs has a security vulnerability that stems from allowing enumeration of users...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. YAMCS has a security vulnerability that stems from the lack of rate limits...

YAMCS yamcs-core 5.12.7 - LDAP Injection

Exploit Title: YAMCS yamcs-core 5.12.7 - LDAP Injection Date: 2026-05-27 Exploit Author: Daniel Miranda Barcelona Excal1bur Vendor Homepage: https://yamcs.org Software Link: https://github.com/yamcs/yamcs Version: 1 else "http://localhost:8090" base = target.rstrip"/" print"=" 65 print"...

YAMCS yamcs-core 5.12.7 - User Enumeration

Exploit Title: YAMCS yamcs-core 1 else "http://localhost:8090" username = sys.argv2 if lensys.argv 2 else "testuser" password = sys.argv3 if lensys.argv 3 else "test" base = target.rstrip"/" print"=" 65 print" CVE-2026-44595 — YAMCS IAM User Enumeration PoC" printf" Target: target" printf"...

YAMCS yamcs-core 5.12.7 - No Rate Limiting

Exploit Title: YAMCS yamcs-core 5.12.7 - No Rate Limiting Date: 2026-05-27 Exploit Author: Daniel Miranda Barcelona Excal1bur Vendor Homepage: https://yamcs.org Software Link: https://github.com/yamcs/yamcs Version: 5.12.7 Tested on: Linux CVE: CVE-2026-44596 Category: Remote / Brute Force...

Exploit for CVE-2026-42568

CVE-2026-42568 — YAMCS LDAP Injection in LdapAuthModule Su...

Exploit for CVE-2026-44595

CVE-2026-44595 — YAMCS Unauthorized User Enumeration via IAM A...

Exploit for CVE-2026-44596

CVE-2026-44596 — YAMCS No Rate Limiting on Authentication Endp...

org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-46621 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-46621 Source advisory: OSV:GHSA-2G95-6X5Q-XJWJ...

org.yamcs:distribution (>=5.0.0 <=5.12.6), org.yamcs:packet-viewer (>=5.0.0 <=5.12.6) +9 more potentially affected by CVE-2026-46621 via org.yamcs:yamcs-core (>=5.0.0 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =5.0.0, =5.0.0, =5.0.0, =5.10.0, =5.10.0, =0.1.0, =0.1, =1.0.0, =5.0.0, =5.0.0, =0.1.0, =0.8.0 Source cves: CVE-2026-46621 Source advisory: SNYK:JAVA-ORGYAMCS-17230855...

Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection

Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython via the JSR-223 ScriptEngine API without enforcing a secure sandbox. An authenticat...

GHSA-2G95-6X5Q-XJWJ Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection

Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython via the JSR-223 ScriptEngine API without enforcing a secure sandbox. An authenticat...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the dynamic evaluation of user-supplied algorithm code in the script evaluation engine. An attacker can execute arbitrary operating system commands by injecting malicious Jython code through the REST API whe...

org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-46562 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-46562 Source advisory: OSV:GHSA-VMWP-VH32-RJ75...

org.yamcs:distribution (>=5.0.0 <=5.12.6), org.yamcs:packet-viewer (>=5.0.0 <=5.12.6) +9 more potentially affected by CVE-2026-46562 via org.yamcs:yamcs-core (>=5.0.0 <=5.12.6)

org.yamcs:yamcs-core MAVEN version =5.0.0, =5.0.0, =5.0.0, =5.10.0, =5.10.0, =0.1.0, =0.1, =1.0.0, =5.0.0, =5.0.0, =0.1.0, =0.8.0 Source cves: CVE-2026-46562 Source advisory: SNYK:JAVA-ORGYAMCS-17230916...