CVE-2026-11788EPSS p32.2%

CVE-2026-11788CVE-2026-11788

redhat / directory_server

Description

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure.

Scoring

CVSS 5.9 ()
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS0.41% probability of exploitation · percentile 32.2% · 2026-06-18T12:00:27Z
Last modified2026-06-12

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-11611
CVE
CVE-2026-11786
CVE
CVE-2026-11787
CVE
CVE-2026-11789
CVE
CVE-2026-9064
CVE
CVE-2026-11793
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.