CVE-2026-44304

Netflix · Lemur

Netflix Lemur is vulnerable to LDAP injection, which may allow an authenticated attacker to manipulate backend queries.

Executive summary

Netflix Lemur versions prior to 1.9.0 contain an LDAP injection vulnerability that allows authenticated users to compromise backend data integrity.

Vulnerability

This is an LDAP Injection vulnerability (CWE-90) where the application fails to properly neutralize special elements in inputs used for LDAP queries, allowing authenticated attackers to execute unauthorized queries.

Business impact

An attacker capable of exploiting this LDAP injection could potentially bypass access controls, extract sensitive directory information, or gain unauthorized administrative privileges within the Lemur environment. Given the 8.1 CVSS score, this vulnerability poses a severe risk to the confidentiality and integrity of certificate management operations.

Remediation

Immediate Action: Update to Lemur version 1.9.0 or later to resolve the underlying input sanitization flaw.

Proactive Monitoring: Monitor LDAP query logs for unusual query patterns or syntax errors that suggest injection attempts.

Compensating Controls: Implement strict input validation and query parameterization at the application level if immediate patching is not feasible.

Exploitation status

Public Exploit Available: No (No confirmed public exploit available).

Analyst recommendation

The risk of directory manipulation via LDAP injection is substantial. Users should update to version 1.9.0 immediately to ensure that LDAP queries are correctly neutralized and that the integrity of the certificate management system is maintained.