A vulnerability, which was classified as critical , was found in Red Hat Directory Server and Enterprise Linux . The impacted element is the function __aclp__normalize_acltxt of the file aclparse.c of the component 389 Directory Server . Such manipulation of the argument aci leads to out-of-bounds write. This vulnerability is listed as CVE-2026-12528 . The attack may be performed from remote. There is no available exploit.