CVE-2026-27894

HIGH 8.8

LAM has Authenticated Local File Inclusion (LFI) in PDF export

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. Prior to version 9.5, a local file inclusion was detected in the PDF export that allows users to include local PHP files and this way execute code. In combination with GHSA-88hf-2cjm-m9g8 this allows to execute arbitrary code. Users need to login to LAM to exploit this vulnerability. Version 9.5 fixes the issue. Although upgrading is recommended, a workaround would be to make /var/lib/ldap-account-manager/config read-only for the web-server user and delete the PDF profile files (making PDF exports impossible).

CWE	CWE-98
Vendor	ldapaccountmanager
Product	lam
Published	Mar 17, 2026
Last Updated	Mar 18, 2026

Stay Ahead of the Next One

Get instant alerts for ldapaccountmanager lam

Be the first to know when new high vulnerabilities affecting ldapaccountmanager lam are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

LDAPAccountManager / lam

< 9.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-w7xq-vjr3-p9cf github.com: https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-88hf-2cjm-m9g8 github.com: https://github.com/LDAPAccountManager/lam/releases/tag/9.5