Vendor
A vulnerability in SSSD's LDAP sudo provider, CVE-2026-14474, allows an authenticated attacker to achieve root-level privilege escalation by injecting a malicious sudoRole object into any writable LDAP subtree when the `ldap_sudo_search_base` option is not explicitly configured on SSSD-enrolled Linux hosts.