Vulnerability Description
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type (including .php files) can be uploaded. With GHSA-w7xq-vjr3-p9cf, an attacker can achieve remote code execution as the web server user. Version 9.5 fixes the issue. Although upgrading is recommended, a workaround would be to make /var/lib/ldap-account-manager/config read-only for the web-server user.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ldap-Account-Manager | Ldap Account Manager | >= 8.5, < 9.5 |
Related Weaknesses (CWE)
References
- https://github.com/LDAPAccountManager/lam/releases/tag/9.5Patch
- https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-88hf-2cjm-m9gVendor Advisory
- https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-w7xq-vjr3-p9cNot Applicable
FAQ
What is CVE-2026-27895?
CVE-2026-27895 is a vulnerability with a CVSS score of 4.3 (MEDIUM). LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly vali...
How severe is CVE-2026-27895?
CVE-2026-27895 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-27895?
Check the references section above for vendor advisories and patch information. Affected products include: Ldap-Account-Manager Ldap Account Manager.