CVE Catalog

CVE-2026-11787

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile - higher than 7% of all known CVEs

Summary

A flaw was found in 389 Directory Server where the ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.

Risk Assessment

An attacker could exploit this vulnerability to destabilize the directory server or gain unauthorized access to data, threatening confidentiality and integrity.

Recommendation

Immediately update 389 Directory Server to the latest patched version and monitor vendor security advisories.

Original NVD description (English source)

A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS