CWE-90: CWE-90

This vulnerability allows attackers to perform LDAP injection attacks on Mastodon instances configured with LDAP authentication. By manipulating login...

This LDAP injection vulnerability in OX App Suite's optional LDAP contacts provider allows privileged users to inject malicious LDAP filter strings. T...

pgAdmin versions up to 9.9 have an LDAP injection vulnerability in the authentication flow that allows attackers to inject special LDAP characters in ...

Mendix LDAP module versions before 1.1.2 are vulnerable to LDAP injection attacks. This allows unauthenticated remote attackers to bypass username ver...

CVE-2025-27631 is an LDAP injection vulnerability in the TRMTracker web application that allows attackers to inject malicious LDAP queries. This could...

CVE-2025-35431 is an LDAP injection vulnerability in CISA Thorium that allows authenticated attackers to modify LDAP authorization data like group mem...

Moonraker versions 0.9.3 and below with LDAP enabled are vulnerable to LDAP injection attacks through the login endpoint. Attackers can use error mess...

Kanboard versions 1.2.48 and below contain an LDAP injection vulnerability in the authentication mechanism. Attackers can manipulate LDAP search filte...

This vulnerability allows authenticated Mattermost administrators with specific permissions to perform LDAP search filter injection when linking LDAP ...

CVE-2026-25560 is an LDAP filter injection vulnerability in WeKan versions before 8.19. Attackers can manipulate LDAP queries during authentication by...

An LDAP injection vulnerability in WatchGuard Fireware OS allows remote attackers to retrieve sensitive information from connected LDAP servers throug...