CWE-90: LDAP Injection — known CVE vulnerabilities
CVEs classified under CWE-90 (LDAP Injection), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-44930 — CVSS 9.8 (critical): An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve…
CVE-2026-25560 — CVSS 9.8 (critical): WeKan versions prior to 8.19 contain an LDAP filter injection vulnerability in LDAP authentication. User-supplied username input is…
CVE-2024-54852 — CVSS 9.8 (critical): When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP…
CVE-2011-4069 — CVSS 9.8 (critical): html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass…
CVE-2017-14596 — CVSS 9.8 (critical): In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password.
CVE-2017-8790 — CVSS 9.8 (critical): An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter" can be…
CVE-2016-9299 — CVSS 9.8 (critical): The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized…
CVE-2026-39962 — CVSS 9.6 (critical): MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP…
CVE-2026-49268 — CVSS 9.1 (critical): A remote attacker can inject LDAP special characters into the Distinguished Name (DN) construction in DefaultLdapRealm class. User-supplied…
CVE-2026-41919 — CVSS 9.1 (critical): Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache OFBiz. This issue affects…
CVE-2026-13696 — CVSS 8.8 (high): Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP…
CVE-2026-40459 — CVSS 8.8 (high): PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP syntax into ID-based…
CVE-2026-33289 — CVSS 8.8 (high): SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and…
CVE-2026-31828 — CVSS 8.8 (high): Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.13 and 8.6.26…
CVE-2025-48208 — CVSS 8.8 (high): Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat . The attacker needs…
CVE-2026-40193 — CVSS 8.2 (high): maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module…
CVE-2026-34578 — CVSS 8.2 (high): OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login…
CVE-2023-3447 — CVSS 7.6 (high): The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Injection in versions up to, and including…
CVE-2026-44671 — CVSS 7.5 (high): ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in…
CVE-2026-29138 — CVSS 7.5 (high): SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP…
CVE-2026-29131 — CVSS 7.5 (high): SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails…
CVE-2025-12764 — CVSS 7.5 (high): pgAdmin <= 9.9 is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special…
CVE-2017-4927 — CVSS 7.5 (high): VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which…
CVE-2015-7294 — CVSS 7.5 (high): ldapauth-fork before 2.3.3 allows remote attackers to perform LDAP injection attacks via a crafted username.
CVE-2024-56841 — CVSS 7.4 (high): A vulnerability has been identified in Mendix LDAP (All versions < V1.1.2). Affected versions of the module are vulnerable to LDAP…
CVE-2026-1498: An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information…
CVE-2026-11748: A vulnerability has been identified in centraldogma-server-auth-shiro versions prior to 0.84.0, where the SearchFirstActiveDirectoryRealm…
CVE-2026-0636 — CVSS 6.5 (medium): Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc…
CVE-2025-52575 — CVSS 6.5 (medium): EspoCRM is an Open Source CRM (Customer Relationship Management) software. EspoCRM versions 9.1.6 and earlier are vulnerable to blind LDAP…
CVE-2025-27631 — CVSS 6.5 (medium): The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and…
CVE-2016-8750 — CVSS 6.5 (medium): Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames…
CVE-2025-35431 — CVSS 5.4 (medium): CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization…
CVE-2019-4297 — CVSS 5.4 (medium): IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By…
CVE-2026-46745 — CVSS 5.3 (medium): Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attackers to…
CVE-2026-33609 — CVSS 5.3 (medium): Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.
CVE-2026-24130 — CVSS 5.3 (medium): Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured…
CVE-2026-21880 — CVSS 5.3 (medium): Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below have an LDAP Injection vulnerability in…
CVE-2024-27310 — CVSS 5.3 (medium): Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input.
CVE-2022-45910 — CVSS 5.3 (medium): Improper neutralization of special elements used in an LDAP query ('LDAP Injection') vulnerability in ActiveDirectory and Sharepoint…
CVE-2026-45559 — CVSS 4.9 (medium): Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, get_ldap_email…
CVE-2026-40606 — CVSS 4.8 (medium): mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based…
CVE-2026-33751 — CVSS 4.8 (medium): n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape…
CVE-2026-42568 — CVSS 4.3 (medium): Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in `org.yamcs.security.Lda…
CVE-2023-6905 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, has been found in Jahastech NxFilter 4.3.2.5. This issue affects some unknown…
CVE-2026-44063 — CVSS 4.2 (medium): An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and…