PatchSiren cyber security CVE debrief
CVE-2026-11786 Red Hat CVE debrief
CVE-2026-11786 is a low-severity vulnerability in 389 Directory Server. During a database import, the LDIF parser reads past the end of a heap buffer when it processes an attribute type that ends in a trailing semicolon, an out-of-bounds read (CWE-125). The over-read is detectable under memory instrumentation such as AddressSanitizer.
- Vendor
- Red Hat
- Product
- Red Hat Directory Server 11
- CVSS
- LOW 1.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-12
Who should care
Administrators of Red Hat Directory Server 11.0, 12.0 and 13.0, and of the 389 Directory Server packages shipped with Red Hat Enterprise Linux 7, 8, 9 and 10, should track this advisory. Because the flaw is reached only while an LDIF file is being imported into the database, the exposure is to whoever performs imports on the Directory Server host; the attacker needs local access and high privileges (see the CVSS vector in the technical summary).
Technical summary
The CVSS 3.1 base score is 1.9 (Low), vector CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N: local access, high attack complexity and high privileges are required, no user interaction is needed, scope is unchanged, and the only impact is a low confidentiality impact, with no integrity or availability impact. The weakness is classified as CWE-125, out-of-bounds read.
Defensive priority
Low
Recommended defensive actions
- Apply the updated 389 Directory Server / Red Hat Directory Server packages published in Red Hat's advisory.
- Restrict who can run database imports: the flaw is only reachable by a highly privileged local user performing an LDIF import, so limit administrative access to the Directory Server host and to the import tooling.
- Treat LDIF files that originate outside your control as untrusted input: validate them before import (for example, reject attribute descriptions that end in a semicolon) and review import logs for unexpected failures.
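As an added illustration of the bug class described in the technical summary and of the pre-import validation suggested above, the following C program is example code written for this page, not 389 Directory Server's parser: every function, structure and sample LDIF line in it is invented. It shows a length-delimited scan of an LDIF attribute description ("type;option;option") that reads one byte past the buffer when the description ends in ';', the same scan with the bound checked first, and a line-level check a reader could run over an LDIF file before importing it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical illustration, not 389 Directory Server code: names, structure
 * and sample data are invented for this page. An LDIF attribute description
 * "type;option;option" is scanned for ';' separators; the check that follows
 * each separator reads one byte past a length-delimited buffer when the
 * description ends in ';'. */

/* Records what the vulnerable scan asks for so the out-of-bounds read is
 * observable without undefined behaviour; a real build would rely on
 * AddressSanitizer to report the same access. */
struct read_trace { size_t highest_index; bool out_of_bounds; };

static char traced_read(const char *buf, size_t len, size_t i, struct read_trace *t)
{
    if (i > t->highest_index) t->highest_index = i;
    if (i >= len) { t->out_of_bounds = true; return '\0'; }  /* stand-in for heap garbage */
    return buf[i];
}

/* Vulnerable variant: peeks at the byte after each ';' to reject an empty
 * option, without checking that such a byte exists. For "cn;" (len 3) the
 * peek lands on index 3. Returns the option count, or -1 for an empty option. */
static int count_options_vulnerable(const char *buf, size_t len, struct read_trace *t)
{
    int options = 0;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] != ';') continue;
        if (traced_read(buf, len, i + 1, t) == ';') return -1;  /* BUG: i + 1 may equal len */
        options++;
    }
    return options;
}

/* Hardened variant: the bound is checked before the peek, and a trailing ';'
 * is an empty option and is rejected (RFC 4512 requires option = 1*keychar). */
static int count_options_fixed(const char *buf, size_t len)
{
    int options = 0;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] != ';') continue;
        if (i + 1 >= len || buf[i + 1] == ';') return -1;
        options++;
    }
    return options;
}

/* True if the vulnerable scan touched an index outside the description. */
bool vulnerable_reads_past_end(const char *desc)
{
    struct read_trace t = { 0, false };
    count_options_vulnerable(desc, strlen(desc), &t);
    return t.out_of_bounds;
}

int fixed_option_count(const char *desc)
{
    return count_options_fixed(desc, strlen(desc));
}

/* Pre-import check: counts LDIF lines whose attribute description (the text
 * before the first ':') has an empty or trailing option. Comment lines,
 * continuation lines (leading space) and blank lines carry no description
 * and are skipped. Assumes the LDIF text is NUL-terminated in memory. */
int count_malformed_ldif_lines(const char *ldif)
{
    int bad = 0;
    const char *line = ldif;
    while (*line) {
        const char *end = strchr(line, '\n');
        size_t linelen = end ? (size_t)(end - line) : strlen(line);
        if (linelen > 0 && line[0] != '#' && line[0] != ' ') {
            const char *colon = memchr(line, ':', linelen);
            if (colon && count_options_fixed(line, (size_t)(colon - line)) < 0)
                bad++;
        }
        if (!end) break;
        line = end + 1;
    }
    return bad;
}

int main(void)
{
    /* Constructed LDIF entry: one well-formed option, one trailing ';'. */
    const char *ldif =
        "dn: cn=Jane,ou=people,dc=example,dc=com\n"
        "objectClass: person\n"
        "cn;lang-en: Jane\n"
        "sn;: Doe\n";
    printf("\"cn;\" vulnerable scan reads past end: %s\n",
           vulnerable_reads_past_end("cn;") ? "yes" : "no");
    printf("\"cn;lang-en\" fixed option count: %d\n", fixed_option_count("cn;lang-en"));
    printf("malformed lines in sample LDIF: %d\n", count_malformed_ldif_lines(ldif));
    return 0;
}
```

In a real code base the over-read would be a plain `buf[i + 1]` and would only show up under `-fsanitize=address` or a similar tool; the traced accessor here exists purely so the program can report the same fact as a return value. The line-level check is deliberately conservative: it inspects only the attribute description, so values that legitimately contain semicolons are not flagged.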
Evidence notes
Evidence for this CVE comes from the National Vulnerability Database (NVD) and Red Hat's security advisory.
Official resources
- CVE-2026-11786 CVE record (CVE.org)
- CVE-2026-11786 NVD detail (NVD)
- Source item: nvd_modified
- Mitigation or vendor reference: [email protected] (Vendor Advisory)
- Mitigation or vendor reference: [email protected] (Issue Tracking, Vendor Advisory)
- Source reference: [email protected] (Permissions Required)
CVE-2026-11786 was published on 2026-06-09T14:16:36.630Z and modified on 2026-06-12T18:40:04.030Z.