Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-14969

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext blocks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 0.2%
CVSS Severity
CVSS v3 Score 4.4
Products affected by CVE-2026-14969


Contact Us

Shodan ® - All rights reserved