CVE-2025-35431 | HackTesting

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.

Credits

, OpenAI Security Research

References

https://github.com/cisagov/thorium/releases/tag/1.1.1

https://github.com/cisagov/thorium/commit/7c94a0b9bc2dc55e0c307360452f348bac06820c#diff-45e1e58dfb6faacf9efe778c31ead287d8e13ae07c5dad084c792bc4a0605a68R1007-R1008

https://www.cve.org/CVERecord?id=CVE-2025-35431

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-259-01.json