CVE-2026-11787

Published: Jun 9, 2026Modified: Jun 12, 2026

6.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.4

Source: NVD

Description

A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.

Affected (8)

Products: Redhat: 389 Directory Server, Directory Server, Enterprise Linux

3 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Redhat 389 Directory Server	All versions
Redhat Directory Server	Version 11.0
Redhat Directory Server	Version 12.0
Redhat Directory Server	Version 13.0
Redhat Enterprise Linux	Version 10.0
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux	Version 9.0

Related CWEs

CWE-126

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (3)

https://access.redhat.com/security/cve/CVE-2026-11787

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2485425

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://redhat.atlassian.net/browse/PSIRTSUPT-7600

Source: secalert@redhat.com

Permissions Required

Timeline

No history available yet.