CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-11786

A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.1%

CVSS Severity

CVSS v3 Score 1.9

References

Products affected by CVE-2026-11786

Redhat » Directory Server » Version: 11.0

cpe:2.3:a:redhat:directory_server:11.0
Redhat » Directory Server » Version: 12.0

cpe:2.3:a:redhat:directory_server:12.0
Redhat » Directory Server » Version: 13.0

cpe:2.3:a:redhat:directory_server:13.0
Redhat » 389 Directory Server » Version: N/A

cpe:2.3:o:redhat:389_directory_server:-
Redhat » Enterprise Linux » Version: 10.0

cpe:2.3:o:redhat:enterprise_linux:10.0
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux » Version: 9.0

cpe:2.3:o:redhat:enterprise_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-11786

Products

Pricing

Contact Us