Apache CXF LDAP Injection Vulnerability in XKMS Repository

Vulnerability

An LDAP injection vulnerability has been identified in the LDAP certificate repository of the XKMS server within Apache CXF. It could enable an attacker to retrieve arbitrary certificates from the repository. Affected versions are 4.2.0 up to (but not including) 4.2.1, 4.0.0 up to (but not including) 4.1.6, and all versions before 3.6.11.

Impact

Exploitation of this vulnerability could lead to unauthorized retrieval of certificates from the LDAP repository.
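The pattern behind this class of bug, as an added example that is not Apache CXF's code: a certificate lookup filter built by concatenating a caller-supplied subject name, beside the same lookup with RFC 4515 escaping, plus a structural check a test suite can run over the built filter. The attribute names (objectClass, cn) and the filter template are assumptions.

```python
# Added example, not Apache CXF's code: an LDAP search filter for a certificate
# lookup becomes injectable when the caller-supplied value is concatenated in;
# RFC 4515 escaping pins the filter's structure. Attribute names and the
# filter template are assumptions for illustration.

# RFC 4515 section 3: characters that must be escaped inside a filter value.
_LDAP_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

def escape_ldap_filter_value(value: str) -> str:
    """Escape a value so it can only ever match literally inside a filter."""
    return "".join(_LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)

def vulnerable_cert_filter(subject_cn: str) -> str:
    """Concatenates untrusted input directly: the input can reshape the filter."""
    return f"(&(objectClass=inetOrgPerson)(cn={subject_cn}))"

def hardened_cert_filter(subject_cn: str) -> str:
    """Escapes the value first: the filter always looks up one literal cn."""
    return f"(&(objectClass=inetOrgPerson)(cn={escape_ldap_filter_value(subject_cn)}))"

def count_unescaped_metachars(ldap_filter: str) -> int:
    """Count '(', ')' and '*' acting as filter syntax, skipping \\xx escapes.
    A fixed template yields the same count for every input; a different count
    means the input changed the filter's structure or added a wildcard."""
    count, i = 0, 0
    while i < len(ldap_filter):
        if ldap_filter[i] == "\\":
            i += 3  # \xx hex escape encodes a value byte, not syntax
            continue
        if ldap_filter[i] in "()*":
            count += 1
        i += 1
    return count

# Structural fingerprint of the template filled with a harmless value.
_TEMPLATE_METACHARS = count_unescaped_metachars(hardened_cert_filter("x"))

def is_single_literal_lookup(ldap_filter: str) -> bool:
    """Regression check: True only if a built filter still has the template's
    structure and contains no wildcard."""
    return count_unescaped_metachars(ldap_filter) == _TEMPLATE_METACHARS
```

A legitimate CN such as "Smith (Ops)" fails the check when concatenated raw and passes once escaped, so the escaping is needed for correct matching as well as for closing the injection.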

Remediation

Users are advised to upgrade to Apache CXF versions 4.2.1, 4.1.6, or 3.6.11, all of which address this vulnerability.

Added: May 26, 2026, 4:15 PM
Updated: May 26, 2026, 4:15 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 0.6
exploitability: 4.7
remediation: 7.7
relevance: 9.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.