CVE-2026-40459 | PAC4J up to 4.5.9/5.7.9/6.4.0 LDAP Search ldap injection

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability classified as critical has been found in PAC4J up to 4.5.9/5.7.9/6.4.0. Impacted is an unknown function of the component LDAP Handler. Performing a manipulation of the argument Search results in ldap injection.

This vulnerability is reported as CVE-2026-40459. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-40459 | PAC4J up to 4.5.9/5.7.9/6.4.0 LDAP Search ldap injection

Post correlati

CVE-2025-3952 | Projectopia Plugin up to 5.1.16 on WordPress pto_remove_logo authorization

CVE-2026-6179 | FPT NightWolf Penetration Testing Platform up to 2.1.5 cross site scripting

CVE-2026-26152 | Microsoft Windows up to Server 2025 sensitive information

CVE-2024-9727 | Trimble SketchUp Viewer SKP File Parser use after free (ZDI-24-1476)