CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during connection teardown or shutdown.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 20.4%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2026-11611

Redhat » Directory Server » Version: 11.0

cpe:2.3:a:redhat:directory_server:11.0
Redhat » Directory Server » Version: 12.0

cpe:2.3:a:redhat:directory_server:12.0
Redhat » Directory Server » Version: 13.0

cpe:2.3:a:redhat:directory_server:13.0
Redhat » 389 Directory Server » Version: N/A

cpe:2.3:o:redhat:389_directory_server:-
Redhat » Enterprise Linux » Version: 10.0

cpe:2.3:o:redhat:enterprise_linux:10.0
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux » Version: 9.0

cpe:2.3:o:redhat:enterprise_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-11611

Products

Pricing

Contact Us