Medium severity · NVD Advisory · Published Jan 7, 2026 · Updated Apr 15, 2026
CVE-2026-22185
Description
OpenLDAP Lightning Memory-Mapped Database (LMDB) versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline() function of mdb_load. When processing malformed input containing an embedded NUL byte, an unsigned offset calculation can underflow and cause an out-of-bounds read of one byte before the allocated heap buffer. This can cause mdb_load to crash, leading to a limited denial-of-service condition.
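The underflow described above, as an added illustration: this is not LMDB's code and not the fix in commit 8e1fda8. The function names, the enum and the sample buffers are hypothetical and constructed for this example. It shows why a line whose first byte is NUL yields a length of zero, how the unsigned `len - 1` then wraps, and the length check that prevents the read before the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed samples: line buffers as a line reader would fill them. */
const char nul_first[] = "\0key\n";   /* embedded NUL at offset 0 */
const char complete[]  = "key\n";     /* whole line fits */
const char truncated[] = "ke";        /* buffer filled before the newline */

/* Unchecked pattern: index of the last character before the terminator.
 * For an empty string the unsigned subtraction wraps to SIZE_MAX, so
 * buf[index] would address the byte just before buf. The index is only
 * returned here, never dereferenced. */
size_t last_index_unchecked(const char *buf)
{
    size_t len = strlen(buf);
    return len - 1;
}

enum line_status { LINE_EMPTY, LINE_COMPLETE, LINE_TRUNCATED };

/* Hardened pattern: reject a zero length before forming len - 1. */
enum line_status classify_line(const char *buf)
{
    size_t len = strlen(buf);
    if (len == 0)
        return LINE_EMPTY;            /* malformed input, stop here */
    return buf[len - 1] == '\n' ? LINE_COMPLETE : LINE_TRUNCATED;
}

int main(void)
{
    printf("unchecked index wraps: %d\n",
           last_index_unchecked(nul_first) == SIZE_MAX);
    printf("status nul_first=%d complete=%d truncated=%d\n",
           classify_line(nul_first), classify_line(complete),
           classify_line(truncated));
    return 0;
}
```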
Affected products (4)
- osv-coords (3 versions), range: < 2.5.20+11-150500.11.38.1
  pkg:rpm/opensuse/openldap2_5&distro=openSUSE%20Leap%2015.6
  pkg:rpm/suse/openldap2_5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
  pkg:rpm/suse/openldap2_5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7
- (no CPE) range: < 2.5.20+11-150500.11.38.1
- (no CPE) range: < 2.5.20+11-150500.11.38.1
- (no CPE) range: < 2.5.20+11-150500.11.38.1