CVE-2026-0636

Published: Apr 15, 2026 Last Modified: Apr 15, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,5

Source: 91579145-5d7b-4cc5-b925-a0262ff19630

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper.

This issue affects BC-JAVA: from 1.74 before 1.84.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0005

Percentile

0,1th

Updated

EPSS Score Trend (Last 2 Days)

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Read Application Data Modify Application Data

Applicable Platforms

Technologies: Database Server

View CWE Details

https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114…

https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%8…

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636

CVE-2026-0636

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter