CVE-2026-27851

Description

When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.

How to fix CVE-2026-27851

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

—no fix listed

Is CVE-2026-27851 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2026-27851