VYPR

Maven package

org.apache.druid.extensions/druid-basic-security

pkg:maven/org.apache.druid.extensions/druid-basic-security

Vulnerabilities (1)

  • CVE-2026-23906Feb 10, 2026
    affected >= 0.17.0, < 36.0.0fixed 36.0.0

    Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP authenticator configured * Underlying LDAP server permits anonymous bind