Back to overview

CVE-2026-13696

HIGH
8.8
CVSS 3.1
Description
Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107.

Metadata

CVE ID
CVE-2026-13696
State
PUBLISHED
Assigner
TR-CERT
Reserved
2026-06-29 11:13 UTC
Published
2026-07-07 11:15 UTC
Last updated
2026-07-07 13:23 UTC
Primary CWE
CWE-90
CWE-90 Improper neutralization of special elements used in a…
Vendor / Product
HAVELSAN Inc. / Liman MYS
Sources
cve.org  ·  NVD

Severity & Metrics

8.8 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
HAVELSAN Inc. Liman MYS 0 < release.master.1107
Weakness (CWE)
CWESourceDescription
CWE-90 cna CWE-90 Improper neutralization of special elements used in an LDAP query ('LDAP injection')
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.8 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Back to overview