PatchSiren cyber security CVE debrief
CVE-2026-11884 Red Hat CVE debrief
CVE-2026-11884 is a heap buffer overflow vulnerability in 389 Directory Server. The vulnerability occurs when serializing objectclass definitions, where the oc_superior (SUP) field length is omitted from buffer size calculations in read_schema_dse() and schema_oc_to_string(), but the field is still written via strcat(). An attacker with Directory Manager privileges, or a compromised replication supplier, can trigger a server crash by creating objectclasses with long SUP values. This is an incomplete fix variant of CVE-2025-14905.
- Vendor: Red Hat
- Product: Red Hat Directory Server 11
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Administrators of 389 Directory Server deployments, including Red Hat Directory Server 11, should assess their exposure, particularly where replication suppliers are in use, and plan remediation.
Technical summary
Heap buffer overflow in 389 Directory Server when serializing objectclass definitions: the length of the oc_superior (SUP) field is omitted from the buffer size calculation in read_schema_dse() and schema_oc_to_string(), yet the field is still appended with strcat(), so a long SUP value writes past the end of the allocated buffer. Triggering it requires Directory Manager privileges or a compromised replication supplier, and the result is a server crash. The issue is an incomplete fix of CVE-2025-14905.
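The defect class described above, as an added illustration written for this debrief and not taken from the 389 Directory Server source: a hypothetical objectclass serializer whose size calculation forgets one field (the superior) that the writer nonetheless appends with strcat(), shown next to a corrected calculation that counts every piece the writer emits and a bounded writer that refuses to proceed if the two ever drift apart. The struct, function names and the constructed records are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical objectclass record (constructed for this example; not the
 * 389-ds data structure). "superior" stands in for the advisory's oc_superior. */
typedef struct {
    const char *name;      /* NAME value */
    const char *superior;  /* SUP value, or NULL when absent */
} example_oc;

/* Size calculation reproducing the defect class: the fixed text and the name
 * are counted, the " SUP " keyword is counted, but the superior value's own
 * length is not. */
size_t oc_size_missing_sup(const example_oc *oc) {
    size_t n = strlen("( ") + strlen("NAME '") + strlen(oc->name) + strlen("'");
    if (oc->superior)
        n += strlen(" SUP ");           /* keyword counted, value forgotten */
    return n + strlen(" )") + 1;        /* closing text plus NUL terminator */
}

/* Corrected calculation: every byte the writer will append is counted. */
size_t oc_size_fixed(const example_oc *oc) {
    size_t n = oc_size_missing_sup(oc);
    if (oc->superior)
        n += strlen(oc->superior);      /* the bytes the flawed version omits */
    return n;
}

/* How far past the end an strcat()-based writer would run when fed a buffer
 * sized by the flawed calculation: exactly the length of the superior value,
 * which is why a long SUP is enough to corrupt the heap. */
size_t oc_overflow_bytes(const example_oc *oc) {
    return oc_size_fixed(oc) - oc_size_missing_sup(oc);
}

/* Bounded writer: emits the same pieces the size functions count, but through
 * snprintf() with the buffer size, and treats any reported truncation as a
 * sizing bug rather than silently writing a short or overlong string.
 * Returns a malloc()ed string the caller frees, or NULL on failure. */
char *oc_to_string_fixed(const example_oc *oc) {
    size_t n = oc_size_fixed(oc);
    char *buf = malloc(n);
    if (buf == NULL)
        return NULL;
    int w = snprintf(buf, n, "( NAME '%s'%s%s )", oc->name,
                     oc->superior ? " SUP " : "",
                     oc->superior ? oc->superior : "");
    if (w < 0 || (size_t)w >= n) {      /* size calculation and writer disagree */
        free(buf);
        return NULL;
    }
    return buf;
}

int main(void) {
    /* Constructed record with a deliberately long SUP value (not real schema). */
    char long_sup[301];
    memset(long_sup, 'A', sizeof(long_sup) - 1);
    long_sup[sizeof(long_sup) - 1] = '\0';
    example_oc oc = { "exampleClass", long_sup };

    printf("flawed size: %zu, correct size: %zu, bytes unaccounted for: %zu\n",
           oc_size_missing_sup(&oc), oc_size_fixed(&oc), oc_overflow_bytes(&oc));
    char *s = oc_to_string_fixed(&oc);
    if (s) {
        printf("serialized length: %zu\n", strlen(s));
        free(s);
    }
    return 0;
}
```

The lesson for reviewers of the real fix is the structural one: whenever a serializer computes a size in one place and appends in another, every field appended must appear in the size calculation, and a bounded writer that checks its own return value turns a missed field into a detectable failure instead of a heap overflow.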
Defensive priority
MEDIUM
Recommended defensive actions
- Apply the patches or updates provided by the vendor that correct the buffer size calculation.
- Restrict Directory Manager privileges to trusted administrators, since creating objectclasses with long SUP values requires them.
- Monitor replication suppliers for signs of compromise, as a compromised supplier can push the malicious schema to consumers.
Evidence notes
The CVE-2026-11884 vulnerability was reported by Red Hat.
Official resources
CVE-2026-11884 was published on 2026-06-10T15:16:32.317Z and modified on 2026-06-10T19:24:04.320Z.