Threat Advisory

Zitadel LDAP Vulnerability Exposes Login Information

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-44671 (CVSS score 7.5) is a vulnerability in Zitadel's LDAP identity provider implementation affecting versions 4.0.0 through 4.14.0. User-provided usernames are not properly escaped before being incorporated into LDAP search filters, which allows an unauthenticated attacker to perform LDAP filter injection through the login flow; no privileges or user interaction are required. A successful attacker can enumerate valid usernames and extract sensitive attribute data from the connected LDAP directory, so the main business impact is a loss of data confidentiality. The only prerequisite for exploitation is an LDAP directory integrated as an identity provider in a vulnerable version of Zitadel.
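The escaping gap the advisory describes, shown as an added illustration that is not Zitadel's own code: a filter builder that concatenates the raw username (the vulnerable pattern), next to a hardened one that applies RFC 4515 escaping before the value enters the filter. The self-contained escapeFilterValue is a stand-in for a library routine such as go-ldap's ldap.EscapeFilter; the attribute name uid, the helper names and the sample inputs are constructed for this demonstration.

```go
package main

import (
	"fmt"
	"strings"
)

// escapeFilterValue escapes a value for use inside an LDAP search filter as
// described in RFC 4515 section 3: '*', '(', ')', '\' and NUL are replaced by
// a backslash followed by the two-digit hex code of the byte. Everything else
// passes through unchanged. (Constructed stand-in for a library escaper.)
func escapeFilterValue(s string) string {
	var b strings.Builder
	for i := 0; i < len(s); i++ {
		c := s[i]
		switch c {
		case '*', '(', ')', '\\', 0:
			fmt.Fprintf(&b, "\\%02x", c)
		default:
			b.WriteByte(c)
		}
	}
	return b.String()
}

// buildFilterUnsafe mirrors the vulnerable pattern: the raw username is
// concatenated into the filter, so filter metacharacters in the input become
// filter syntax instead of literal characters to match.
func buildFilterUnsafe(userAttr, username string) string {
	return fmt.Sprintf("(%s=%s)", userAttr, username)
}

// buildFilterSafe escapes the username first, so the resulting filter can only
// ever match an entry whose attribute value is literally that string.
func buildFilterSafe(userAttr, username string) string {
	return fmt.Sprintf("(%s=%s)", userAttr, escapeFilterValue(username))
}

// hasFilterMetachars is a cheap defence-in-depth check a login handler can
// apply before the directory lookup, or a log-review script can run over
// recorded login attempts: it reports whether the value carries any
// character that would change filter semantics if left unescaped.
func hasFilterMetachars(username string) bool {
	return strings.ContainsAny(username, "*()\\\x00")
}

func main() {
	// Constructed sample inputs: a normal username, a lone wildcard, and a
	// value containing a backslash.
	for _, u := range []string{"alice", "*", `a\b`} {
		fmt.Printf("input %q (metachars: %v)\n", u, hasFilterMetachars(u))
		fmt.Printf("  unsafe filter: %s\n", buildFilterUnsafe("uid", u))
		fmt.Printf("  safe filter:   %s\n", buildFilterSafe("uid", u))
	}
}
```

Run it and compare the two filters for the wildcard input: the unsafe builder emits `(uid=*)`, a presence filter that matches every entry with a uid, whereas the safe builder emits `(uid=\2a)`, which can only match a literal asterisk. That difference is the username-enumeration exposure the advisory attributes to the unescaped path, and escaping at the point where untrusted input enters the filter is the fix the patched versions apply.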

RECOMMENDATION:

  • We recommend updating Zitadel to version 4.15.0 or 3.4.10.

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-rxvx-hhpj-q6px
