CVE-2026-14940
- EPSS 0.31%
- Veröffentlicht 07.07.2026 13:54:20
- Zuletzt bearbeitet 08.07.2026 15:24:06
A heap-buffer-overflow flaw was found in 389 Directory Server (389-ds-base). When normalizing a Distinguished Name (DN) that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name (RDN), the server can write past the...
- EPSS 0.21%
- Veröffentlicht 18.06.2026 14:44:32
- Zuletzt bearbeitet 30.06.2026 11:16:28
A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsyst...
CVE-2026-12528
- EPSS 0.23%
- Veröffentlicht 17.06.2026 14:27:27
- Zuletzt bearbeitet 28.06.2026 00:22:17
A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validat...
CVE-2026-11793
- EPSS 0.28%
- Veröffentlicht 09.06.2026 13:11:40
- Zuletzt bearbeitet 30.06.2026 11:16:28
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An ...
CVE-2026-11790
- EPSS 0.29%
- Veröffentlicht 09.06.2026 13:09:29
- Zuletzt bearbeitet 30.06.2026 14:16:25
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause ex...
CVE-2026-11789
- EPSS 0.28%
- Veröffentlicht 09.06.2026 13:02:59
- Zuletzt bearbeitet 30.06.2026 14:16:25
A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server duri...
CVE-2026-11788
- EPSS 0.35%
- Veröffentlicht 09.06.2026 13:02:53
- Zuletzt bearbeitet 30.06.2026 09:16:24
A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...
CVE-2026-11787
- EPSS 0.18%
- Veröffentlicht 09.06.2026 13:02:53
- Zuletzt bearbeitet 30.06.2026 09:16:24
A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.
CVE-2026-11786
- EPSS 0.16%
- Veröffentlicht 09.06.2026 12:57:59
- Zuletzt bearbeitet 30.06.2026 09:16:23
A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation.
CVE-2026-11785
- EPSS 0.18%
- Veröffentlicht 09.06.2026 12:57:59
- Zuletzt bearbeitet 30.06.2026 09:16:23
A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users.