CVE-2026-42568

Published
View on NVD ↗
CVSS v3
4.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in `org.yamcs.security.LdapAuthModule` when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13.0 and 5.12.7 patch the issue.

yamcs/yamcs
yamcs/yamcs
A framework for mission control
GitHubGitHub
282