CVE-2026-47840 - LDAP StartTLS unconditionally disables hostname verification
CVE ID :CVE-2026-47840 Published : July 9, 2026, 7:16 a.m. | 1 hour, 15 minutes ago Description :A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user...