CVE-2026-4256
HIGH
8.2
CVSS 3.1
Description
Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection.
This issue affects PassGate: through 30042026.
Metadata
Severity & Metrics
8.2
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| PEAKUP Technology Inc. | PassGate | — | 0 ≤ 30042026 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-90 | cna | CWE-90 Improper neutralization of special elements used in an LDAP query ('LDAP injection') |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 8.2 | HIGH | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |