← back
CVE-2026-13696

LDAP Injection in HAVELSAN's Liman MYS

CVSS 8.8 HIGHEPSS 0.4%CWE-90
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H