diff --git a/NEWS b/NEWS
index a331bf6c3a1..486a9ab6619 100644
--- a/NEWS
+++ b/NEWS
@@ -54,6 +54,8 @@ PHP                                                                        NEWS
 
 - Standard:
   . Prevent int overflow on $decimals in number_format. (Marc Bennewitz)
+  . Fixed bug GH-11870 (Fix off-by-one bug when truncating tempnam prefix)
+    (athos-ribeiro)
 
 03 Aug 2023, PHP 8.2.9
 
diff --git a/ext/standard/file.c b/ext/standard/file.c
index 64aa46f29bd..d05d63bc4f0 100644
--- a/ext/standard/file.c
+++ b/ext/standard/file.c
@@ -704,7 +704,7 @@ PHP_FUNCTION(tempnam)
 	ZEND_PARSE_PARAMETERS_END();
 
 	p = php_basename(prefix, prefix_len, NULL, 0);
-	if (ZSTR_LEN(p) > 64) {
+	if (ZSTR_LEN(p) >= 64) {
 		ZSTR_VAL(p)[63] = '\0';
 	}
 
diff --git a/ext/standard/tests/file/tempnam_variation9.phpt b/ext/standard/tests/file/tempnam_variation9.phpt
new file mode 100644
index 00000000000..bea93646229
--- /dev/null
+++ b/ext/standard/tests/file/tempnam_variation9.phpt
@@ -0,0 +1,73 @@
+--TEST--
+Test tempnam() function: usage variations - test prefix maximum size
+--SKIPIF--
+<?php
+if (PHP_OS_FAMILY !== 'Windows') {
+    die("skip Do not run on Windows");
+}
+?>
+--FILE--
+<?php
+/* Testing the maximum prefix size */
+
+echo "*** Testing tempnam() maximum prefix size ***\n";
+$file_path = __DIR__."/tempnamVar9";
+mkdir($file_path);
+
+$pre_prefix = "begin_";
+$post_prefix = "_end";
+$fixed_length = strlen($pre_prefix) + strlen($post_prefix);
+/* An array of prefixes */
+$names_arr = [
+  $pre_prefix . str_repeat("x", 7) . $post_prefix,
+  $pre_prefix . str_repeat("x", 63 - $fixed_length) . $post_prefix,
+  $pre_prefix . str_repeat("x", 64 - $fixed_length) . $post_prefix,
+  $pre_prefix . str_repeat("x", 65 - $fixed_length) . $post_prefix,
+  $pre_prefix . str_repeat("x", 300) . $post_prefix,
+];
+
+foreach($names_arr as $i=>$prefix) {
+    echo "-- Iteration $i --\n";
+    try {
+        $file_name = tempnam("$file_path", $prefix);
+    } catch (Error $e) {
+        echo $e->getMessage(), "\n";
+        continue;
+    }
+
+    $base_name = basename($file_name);
+    echo "File name is => ", $base_name, "\n";
+    echo "File name length is => ", strlen($base_name), "\n";
+
+    if (file_exists($file_name)) {
+        unlink($file_name);
+    }
+}
+rmdir($file_path);
+
+?>
+--CLEAN--
+<?php
+$file_path = __DIR__."/tempnamVar9";
+if (file_exists($file_path)) {
+    array_map('unlink', glob($file_path . "/*"));
+    rmdir($file_path);
+}
+?>
+--EXPECTF--
+*** Testing tempnam() maximum prefix size ***
+-- Iteration 0 --
+File name is => begin_%rx{7}%r_end%r.{6}%r
+File name length is => 23
+-- Iteration 1 --
+File name is => begin_%rx{53}%r_end%r.{6}%r
+File name length is => 69
+-- Iteration 2 --
+File name is => begin_%rx{54}%r_en%r.{6}%r
+File name length is => 69
+-- Iteration 3 --
+File name is => begin_%rx{55}%r_e%r.{6}%r
+File name length is => 69
+-- Iteration 4 --
+File name is => begin_%rx{57}%r%r.{6}%r
+File name length is => 69