CVE-2026-11793

Name of the Vulnerable Software and Affected Versions 389 Directory Server (affected versions not specified)

Description A stack buffer overflow exists in the checkPrefix() function within pw.c. The issue occurs when parsing reversible-encrypted attribute values, as an attacker-controlled algorithm ID is copied into a 256-byte stack buffer without proper bounds checking. An attacker with Directory Manager privileges can cause a denial of service by crashing the LDAP server through the storage of a crafted credential containing an oversized algorithm ID. The use of FORTIFY SOURCE limits the impact to a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.