12 matches found
Oracle Linux 9 : unbound (ELSA-2026-24369)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24369 advisory. - Fix CVE-2026-33278 RHEL-177822 Fix CVE-2026-42944 RHEL-177936 Fix CVE-2026-42959 RHEL-177797 Tenable has extracted the preceding description block...
Alibaba Cloud Linux 3 : 0156: unbound (ALINUX3-SA-2026:0156)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0156 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-42944: NLnet Labs Unbound 1.14.0 ...
RLSA-2026:24365 Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...
MiracleLinux 8 : unbound-1.16.2-5.11.el8_10 (AXSA:2026-768:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-768:04 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service...
Oracle Linux 8 : unbound (ELSA-2026-24365)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24365 advisory. - Fix CVE-2026-42944 RHEL-177909 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
RHEL 8 : unbound (RHSA-2026:24365)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24365 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash...
ROOT-OS-DEBIAN-12-CVE-2026-42944 CVE-2026-42944 in rootio-unbound - Patched by Root
Root has patched CVE-2026-42944 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
Important: Red Hat Security Advisory: unbound security update
An update for unbound is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Fedora 43 : unbound (2026-3223ded15e)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3223ded15e advisory. Update to 1.25.1 rhbz2480119 - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Network...
CVE-2026-42944 affecting package unbound for versions less than 1.25.1-1
CVE-2026-42944 affecting package unbound for versions less than 1.25.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-42944
creationtimestamp| type| source ---|---|--- 2026-05-20 10:36:24+00:00| seen| https://social.nlnetlabs.nl/users/nlnetlabs/statuses/116606458492280712 2026-05-20 10:38:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmbpmk25mm2e...
CVE-2026-42944
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...