VYPR
High severity7.2NVD Advisory· Published Feb 23, 2026· Updated Apr 15, 2026

CVE-2025-14905

CVE-2025-14905

Description

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schema_attr_enum_callback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.