PT-2026-4310 · Kipper+1

Solovvway · Published 2026-01-22 · Updated 2026-02-27

CVE-2026-24130

CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Moonraker versions 0.9.3 and below

Description: Moonraker is a Python web server providing API access to Klipper 3D printing firmware. When the ldap component is enabled, instances are susceptible to LDAP search filter injection via the 'login' endpoint. An attacker can leverage the 401 error response to confirm successful searches, enabling brute-force attempts to uncover LDAP entries, including user IDs and attributes. The 'login' endpoint is the point of exploitation. The ldap component is the vulnerable component.

Recommendations: Upgrade to Moonraker version 0.10.0. As a temporary workaround, set the max login attempts option in the [authorization] section of moonraker.conf to a reasonable value. As a more secure workaround, remove the ldap section from moonraker.conf and rely on the built-in user authentication.
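As an added illustration (not Moonraker's own code), the unescaped filter-building pattern the description names is shown beside a hardened form that escapes the login name per RFC 4515 and validates the attribute name, together with a single uniform failure reply that stops the 401 response from confirming whether a directory entry exists. The attribute and function names are hypothetical.

```python
import re

# RFC 4515 escapes for characters that carry meaning inside a filter
# assertion value. Backslash is listed first so it is handled before the
# other replacements introduce new backslashes.
_FILTER_ESCAPES = (
    ("\\", r"\5c"),
    ("*", r"\2a"),
    ("(", r"\28"),
    (")", r"\29"),
    ("\x00", r"\00"),
)

def escape_filter_value(value: str) -> str:
    """Escape a user-controlled string for use as an LDAP filter value."""
    for raw, esc in _FILTER_ESCAPES:
        value = value.replace(raw, esc)
    return value

def unsafe_login_filter(user_attr: str, username: str) -> str:
    """Pattern the advisory describes: the login name is interpolated
    verbatim, so a wildcard or parenthesis in it changes the search."""
    return f"({user_attr}={username})"

def safe_login_filter(user_attr: str, username: str) -> str:
    """Hardened form: the attribute name is validated (it comes from
    operator configuration, never from the request) and the value is
    escaped so it can only ever match literally."""
    if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", user_attr):
        raise ValueError("attribute name must be a plain LDAP descriptor")
    return f"({user_attr}={escape_filter_value(username)})"

def login_failure_response() -> tuple:
    """One reply for both 'unknown user' and 'wrong password', so the
    status and message no longer reveal whether the search matched."""
    return 401, "Invalid username or password"

if __name__ == "__main__":
    # Constructed sample login names; 'ali*' would match every uid
    # starting with 'ali' in the unescaped form.
    for name in ("alice", "ali*", "a(b)c"):
        print(unsafe_login_filter("uid", name), "->",
              safe_login_filter("uid", name))
```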

Weakness Enumeration

Generation of Error Message Containing Sensitive Information

Related Identifiers

CVE-2026-24130
GHSA-3JQF-V4MV-747G

Affected Products

Kipper
Moonraker