CVE-2026-20746

Published: Jun 12, 2026Modified: Jun 12, 2026

6.3

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:X/RE:M/U:Amber

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:X/RE:M/U:AmberShow less

Source: responsible-disclosure@pingidentity.com (Secondary)

Description

Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name values.

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (3)

https://docs.pingidentity.com/pingdirectory/11.0/release_notes/pd_release_notes.html#pingdirectory-suite-of-products-11-0-0-1-march-2026

Source: responsible-disclosure@pingidentity.com

https://support.pingidentity.com/s/article/SECADV052-Denial-of-Service-via-copying-virtual-attributes

Source: responsible-disclosure@pingidentity.com

https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html

Source: responsible-disclosure@pingidentity.com

Timeline

No history available yet.