CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

CVE-2026-42004

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options

A flaw was found in Unbound, a Domain Name System DNS resolver. A remote attacker could trigger a heap overflow by sending specially crafted DNS reply packets. This occurs when Unbound attempts to encode multiple Name Server Identifier NSID or Extension Mechanisms for DNS EDNS Cookie options, or...

CVE-2026-41292

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

EUVD-2014-3980

Malicious code in bioql PyPI...

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet ECS must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

USN-7666-1 unbound vulnerabilities

Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...

DEBIAN-CVE-2023-28450

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...