VYPR
Medium severityGHSA Advisory· Published Apr 15, 2026· Updated May 19, 2026

CVE-2026-0636

CVE-2026-0636

Description

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).

This vulnerability is associated with program files LDAPStoreHelper.

This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.bouncycastle:bcprov-jdk14Maven
>= 1.74, < 1.841.84
org.bouncycastle:bcprov-jdk15to18Maven
>= 1.74, < 1.841.84
org.bouncycastle:bcprov-jdk18onMaven
>= 1.74, < 1.841.84

Affected products

93

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.