CVE-2026-23906 | Apache Druid up to 35.x LDAP improper authentication

Inserito da Angelo Barbosa | Feb 9, 2026 | CVE

A vulnerability classified as critical was found in Apache Druid up to 35.x. The impacted element is an unknown function of the component LDAP Handler. Such manipulation leads to improper authentication.

This vulnerability is traded as CVE-2026-23906. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-23906 | Apache Druid up to 35.x LDAP improper authentication

Post correlati

CVE-2024-12569 | Milestone Systems XProtect VMS prior 13.5a on Windows HikVision Camera Driver log file

CVE-2024-31574 | TWCMS 2.6 cross site scripting

CVE-2024-26898 | Linux Kernel up to 6.8.1 aoecmd_cfg_pkts use after free

CVE-2024-50634 | sbondCo Watcharr up to 1.43.0 JWT Token access control