{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46689/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-11T12:55:59.122Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46689","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46689","description":"Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds to stack overflow with std::process::abort() — the entire kanidmd process exits. The parse runs inside axum's Query<ScimEntryGetQuery> extractor, before any handler body and therefore before any ACL c"},"products":[{"@id":"cpe:2.3:a:kanidm:kanidm:\\<_1.9.3:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:kanidm:kanidm:\\<_1.9.3:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"No fixed version is published yet; monitor the upstream advisory.","timestamp":"2026-06-11T12:55:59.122Z"}]}