Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2025-67493

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap authentication where a malicious actor had access to a user account. Version 1.45.3 has a patch for the issue.

Published: Dec 17, 2025
Updated: Dec 18, 2025
CVE: CVE-2025-67493
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L

CWEs:

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

https://github.com/homarr-labs/homarr/security/advisories/GHSA-59gp-q3xx-489q

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo