https://cve.report/CVE-2026-40193
Maddy Mail Server: LDAP Filter Injection via Unsanitized Username - CVE.report
Apr 22, 2026 - maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied...
maddy mail serverldapfilter