CVE-2026-11789
MediumCVSS 4.9Exploitation Probability (EPSS)
Low risk25th percentile - higher than 25% of all known CVEs
Summary
A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication.
Risk Assessment
An attacker can remotely crash the LDAP server, causing a denial of service for directory services and authentication in the organization.
Recommendation
Immediately update 389 Directory Server to a version containing the fix for CVE-2026-11789. If an update is not possible, temporarily disable the SMD5 plugin.
Original NVD description (English source)
A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication.

