CVE Catalog

CVE-2026-11884

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile — higher than 28% of all known CVEs

Summary

A heap buffer overflow vulnerability was found in 389 Directory Server. When serializing objectclass definitions, the oc_superior (SUP) field length is omitted from buffer size calculations in read_schema_dse() and schema_oc_to_string(), but the field is still written via strcat(). An attacker with Directory Manager privileges or a compromised replication supplier can trigger a server crash by creating objectclasses with long SUP values. This is an incomplete fix variant of CVE-2025-14905.

Risk Assessment

The risk involves potential server crash caused by an attacker with Directory Manager privileges or a compromised replication supplier, leading to directory service disruption and possible availability loss.

Recommendation

It is recommended to immediately apply the official vendor patch for 389 Directory Server, restrict Directory Manager privileges, and monitor replication for unauthorized changes.

Original NVD description (English source)

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the oc_superior (SUP) field length is omitted from buffer size calculations in read_schema_dse() and schema_oc_to_string(), but the field is still written via strcat(). An attacker with Directory Manager privileges, or a compromised replication supplier, can trigger a server crash by creating objectclasses with long SUP values. This is an incomplete fix variant of CVE-2025-14905.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS