English
EN
Français
FR
Language
English
EN
Français
FR

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

DNA View

CVE-2026-0636

Low
Low Medium High Critical
CVSS Score
Published: Apr 15, 2026
Last Modified: Apr 17, 2026
CWE: CWE-90

Vulnerability Description

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper.

This issue affects BC-JAVA: from 1.74 before 1.84.

Available Security Patches

1 patch available from vendors

View All Patches
SUSE

CVE-2026-0636

CVE-2026-0636

Severity
Unknown
Released
Apr 17, 2026
Security Update
View Details Vendor Page
Browse All Security Patches

References & Resources

Severity Details

out of 10.0
Low

Weakness Type (CWE)

CWE-90

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Description
The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a…
Typical Severity
Medium
Abstraction Level
Base
View CWE Details on MITRE

Key Information

Published Date
April 15, 2026

External Resources

NIST
NIST NVD
National Vulnerability Database
MT
MITRE CVE
Official CVE record