A vulnerability, which was classified as problematic , was found in Roxy-WI up to 8.2.6.4 . This issue affects the function get_ldap_email of the file app/modules/roxywi/user.py . The manipulation results in ldap injection. This vulnerability is identified as CVE-2026-45559 . The attack can be executed remotely. There is not any exploit available.