JLSEC-2026-165

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service double free and out-of-bounds read...

JLSEC-2026-160

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...

JLSEC-2026-171

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

JLSEC-2026-169

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancelextop Cancel operation, resulting in denial of service...

JLSEC-2026-172

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

JLSEC-2026-173

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service daemon exit via a short timestamp. This is related to schemainit.c and checkTime...

Unity Linux 20.1070e Security Update: openldap (UTSA-2026-007094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007094 advisory. OpenLDAP Lightning Memory-Mapped Database LMDB versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline function...

ROS-20260310-73-0032

A vulnerability in the slapd server implementation of the OpenLDAP LDAP protocol is related to a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a malicious packet...

ROS-20260310-73-0030

Vulnerability in openldap related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260310-73-0031

A vulnerability in the csnNormalize23 function of the OpenLDAP LDAP protocol implementation is related to a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a malicious packet...

OESA-2026-1428 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1427 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1426 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1425 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1335 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

OESA-2026-1334 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

Null pointer dereference found in openldap

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in bermemallocx function...

openSUSE Security Advisory (SUSE-SU-2026:0256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openldap2_5 (SUSE-SU-2026:0256-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0256-1 advisory. Security fixes: - CVE-2026-22185: Fixed possible crash in malicious DB bsc1256297 Other fixes: - Update t...

Security update for openldap2_5

This update for openldap25 fixes the following issues: Security fixes: CVE-2026-22185: Fixed possible crash in malicious DB bsc1256297 Other fixes: Update to version 2.5.20+11: ITS10421 mdbload: check for malicious input Patch Instructions: To install this SUSE update use the SUSE recommended...