VYPR
Unrated severityNVD Advisory· Published Feb 7, 2026· Updated Mar 5, 2026

WeKan < 8.19 LDAP Authentication Filter Injection

CVE-2026-25560

Description

WeKan versions prior to 8.19 contain an LDAP filter injection vulnerability in LDAP authentication. User-supplied username input is incorporated into LDAP search filters and DN-related values without adequate escaping, allowing an attacker to manipulate LDAP queries during authentication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wekan/Wekanllm-fuzzy2 versions
    <8.19+ 1 more
    • (no CPE)range: <8.19
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.