CVE-2026-44304
Netflix · Lemur
Netflix Lemur is vulnerable to LDAP injection, which may allow an authenticated attacker to manipulate backend queries.
Executive summary
Netflix Lemur versions prior to 1.9.0 contain an LDAP injection vulnerability that allows authenticated users to compromise backend data integrity.
Vulnerability
This is an LDAP Injection vulnerability (CWE-90) where the application fails to properly neutralize special elements in inputs used for LDAP queries, allowing authenticated attackers to execute unauthorized queries.
Business impact
An attacker capable of exploiting this LDAP injection could potentially bypass access controls, extract sensitive directory information, or gain unauthorized administrative privileges within the Lemur environment. Given the 8.1 CVSS score, this vulnerability poses a severe risk to the confidentiality and integrity of certificate management operations.
Remediation
Immediate Action: Update to Lemur version 1.9.0 or later to resolve the underlying input sanitization flaw.
Proactive Monitoring: Monitor LDAP query logs for unusual query patterns or syntax errors that suggest injection attempts.
Compensating Controls: Implement strict input validation and query parameterization at the application level if immediate patching is not feasible.
Exploitation status
Public Exploit Available: No (No confirmed public exploit available).
Analyst recommendation
The risk of directory manipulation via LDAP injection is substantial. Users should update to version 1.9.0 immediately to ensure that LDAP queries are correctly neutralized and that the integrity of the certificate management system is maintained.