Lemonldap-ng Lemonldap::ng

2 CVEs affecting Lemonldap-ng Lemonldap::ng. Latest disclosed: 2026-01-16. Critical: 0, High: 2.

Top CVEs affecting Lemonldap-ng Lemonldap::ng
CVESeverityScorePublishedSummary
CVE-2025-59518High8.02025-09-17In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize _ during rule evaluat…
CVE-2025-31510High7.22026-01-16In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting (XSS) allows remote attackers to inject arbitrary web script or HTML (into the login page) v…