{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0636", "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630", "state": "PUBLISHED", "assignerShortName": "bcorg", "dateReserved": "2026-01-06T03:18:21.572Z", "datePublished": "2026-04-15T08:59:12.677Z", "dateUpdated": "2026-04-15T13:12:22.433Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "91579145-5d7b-4cc5-b925-a0262ff19630", "shortName": "bcorg", "dateUpdated": "2026-04-15T09:46:44.996Z"}, "title": "LDAP Injection Vulnerability in LDAPStoreHelper.java", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-90", "description": "CWE-90 Improper neutralization of special elements used in an LDAP query ('LDAP injection')", "type": "CWE"}]}], "affected": [{"vendor": "Legion of the Bouncy Castle Inc.", "product": "BC-JAVA", "platforms": ["all"], "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/", "packageName": "bcprov", "repo": "https://github.com/bcgit/bc-java", "modules": ["prov"], "programFiles": ["LDAPStoreHelper"], "versions": [{"status": "affected", "version": "1.74", "lessThan": "1.84", "versionType": "maven"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper.\n\nThis issue affects BC-JAVA: from 1.74 before 1.84.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).<p> This vulnerability is associated with program files LDAPStoreHelper.</p><p>This issue affects BC-JAVA: from 1.74 before 1.84.</p>"}]}], "references": [{"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636", "tags": ["vendor-advisory"]}, {"url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "Safety": "NEGLIGIBLE", "Automatable": "YES", "Recovery": "AUTOMATIC", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber"}}], "credits": [{"lang": "en", "value": "Prasanth Sundararajan (prasanth.srihari@gmail.com)", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T13:12:14.838595Z", "id": "CVE-2026-0636", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T13:12:22.433Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0636", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-15T13:12:14.838595Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T13:12:16.829Z"}}], "cna": {"title": "LDAP Injection Vulnerability in LDAPStoreHelper.java", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Prasanth Sundararajan (prasanth.srihari@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 5.5, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/bcgit/bc-java", "vendor": "Legion of the Bouncy Castle Inc.", "modules": ["prov"], "product": "BC-JAVA", "versions": [{"status": "affected", "version": "1.74", "lessThan": "1.84", "versionType": "maven"}], "platforms": ["all"], "packageName": "bcprov", "programFiles": ["LDAPStoreHelper"], "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636", "tags": ["vendor-advisory"]}, {"url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper.\n\nThis issue affects BC-JAVA: from 1.74 before 1.84.", "supportingMedia": [{"type": "text/html", "value": "Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).<p> This vulnerability is associated with program files LDAPStoreHelper.</p><p>This issue affects BC-JAVA: from 1.74 before 1.84.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-90", "description": "CWE-90 Improper neutralization of special elements used in an LDAP query ('LDAP injection')"}]}], "providerMetadata": {"orgId": "91579145-5d7b-4cc5-b925-a0262ff19630", "shortName": "bcorg", "dateUpdated": "2026-04-15T09:46:44.996Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0636", "state": "PUBLISHED", "dateUpdated": "2026-04-15T13:12:22.433Z", "dateReserved": "2026-01-06T03:18:21.572Z", "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630", "datePublished": "2026-04-15T08:59:12.677Z", "assignerShortName": "bcorg"}, "dataVersion": "5.2"}

{}

{}

{"analysis": {"en": {"generated_at": "2026-04-15T11:28:18.483283+00:00", "value": {"mitigation_remediation": ["Upgrade to BC-JAVA version 1.84 or newer, which contains the patch for LDAP injection in LDAPStoreHelper.java.", "If an upgrade is not immediately possible, ensure that all user-controlled data passed to LDAPStoreHelper is properly escaped or sanitised using Bouncy Castle\u2019s provided escaping utilities before inclusion in the LDAP filter.", "Perform a code review of all LDAP query construction points in the application to confirm that no unsanitised user input can reach the LDAPStoreHelper class."], "summary": {"action": "Immediate Patch", "impact": "LDAP Injection"}, "threat_synthesis": {"affected_systems": "Legion of the Bouncy Castle Inc. provides the BC-JAVA bcprov component in its prov modules. Versions from 1.74 before 1.84 are affected. The issue applies to all bcprov modules that use LDAPStoreHelper.java.", "description_and_impact": "Improper neutralization of special elements in LDAP queries in Bouncy Castle\u2019s BC-JAVA bcprov library can allow an attacker to inject arbitrary LDAP filter syntax via LDAPStoreHelper. This LDAP injection flaw may enable unauthorized reading or modification of directory entries, potentially exposing sensitive data or undermining authentication processes. The weakness is identified as CWE-90.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 5.5, indicating moderate impact. EPSS data is unavailable, so the exploitation probability cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. Attackers can exploit the flaw remotely by supplying crafted input to the LDAP query construction within any application that incorporates the affected Bouncy Castle library, making it a moderate-risk, attack-vector-indirect risk."}}}}, "created": "2026-04-15T13:49:14.859181+00:00", "updated": "2026-04-15T13:49:14.859202+00:00", "vendors": []}