CVE-2026-10549
Privilege escalation in Yandex Database
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass group membership checks resulting in unauthorized access to the database.
| CWE | CWE-280 |
| Vendor | yandex |
| Product | yandex database |
| Published | Jun 2, 2026 |
| Last Updated | Jun 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for yandex yandex database
Be the first to know when new unknown vulnerabilities affecting yandex yandex database are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Yandex / Yandex Database
0 < 25.3.1.25