CVE-2026-44930
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk48th percentile — higher than 48% of all known CVEs
Summary
An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository.
Risk Assessment
An attacker could gain unauthorized access to sensitive certificates, potentially compromising the confidentiality and integrity of communications within the organization.
Recommendation
Upgrade Apache CXF to versions 4.2.1, 4.1.6, or 3.6.11, which contain the fix for this vulnerability.
Original NVD description (English source)
An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue.

