CVE Catalog
CVE-2026-41919
CriticalSummary
CVE-2026-41919 describes an improper neutralization of special elements used in LDAP queries, leading to LDAP Injection vulnerability in Apache OFBiz.
Risk Assessment
An attacker could exploit this vulnerability to manipulate LDAP queries, potentially leading to unauthorized access to data or systems.
Recommendation
Users are advised to upgrade to version 24.09.06 of Apache OFBiz, which fixes the issue.
Original NVD description (English source)
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

