Known Vulnerabilities for Directory Ldap Api by Apache
Listed below are 3 of the newest known vulnerabilities associated with "Directory Ldap Api" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57288 json | Jenkins Active Directory Plugin 2.41.1 and earlier does not escape the user name before building the LDAP search filter in th... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-48919 json | Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation. | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-48918 json | Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default. | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-46776 json | Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core). Supported versions ... | Not Provided | 2026-06-17 | 2026-06-17 |
| CVE-2026-46773 json | Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core). Supported versions ... | Not Provided | 2026-06-17 | 2026-06-19 |
| CVE-2026-46745 json | Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attacker... | Not Provided | 2026-05-25 | 2026-05-26 |
| CVE-2026-44671 json | ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discove... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-40459 json | PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP syntax in... | Not Provided | 2026-04-17 | 2026-04-17 |
| CVE-2026-40193 json | maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ld... | Not Provided | 2026-04-16 | 2026-04-16 |
| CVE-2026-39455 json | When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undis... | Not Provided | 2026-05-13 | 2026-05-13 |