Main Vulnerability Database Exploits ID:12023 - Exploit for Type Confusion in python-ldap - CVE-2025-61911

ID:12023 - Exploit for Type Confusion in python-ldap - CVE-2025-61911

Published: October 13, 2025

Vulnerability identifier: #VU116911

Vulnerability risk: High

CVE-ID: CVE-2025-61911

CWE-ID: CWE-843

Exploitation vector: Remote access

Vulnerable software:
python-ldap

Link to public exploit:

https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r7r6-cc7p-4v5m/#poc

Vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a type confusion error in ldap.filter.escape_filter_chars. A remote attacker can perform ldap injection attack and disclose or manipulate ldap data.

Remediation

Install updates from vendor's website.

ID:12023 - Exploit for Type Confusion in python-ldap - CVE-2025-61911

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human