CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:30 p.m.•6 views

CVE-2026-42534

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running queries and not allow the jostle logic to see them as aged and potentia...

6.9CVSS5.5AI score0.00351EPSS

SUSE Linux•added 2026/06/05 12:12 p.m.•8 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.00888EPSS

Exploits0References44

OSV•added 2026/06/05 12:12 p.m.•3 views

SUSE-SU-2026:2281-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.00888EPSS

Exploits0References23

SUSE CVE•added 2026/05/30 2:6 a.m.•10 views

SUSE CVE-2026-42534

5.9CVSS5.7AI score0.00351EPSS

Exploits0References7

Microsoft CVE•added 2026/05/21 8:2 a.m.•11 views

Jostle logic bypass degrades resolution performance

...

Tenable Nessus•added 2026/05/21 12:0 a.m.•10 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Unbound vulnerabilities (USN-8282-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8282-1 advisory. Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possib...

10CVSS6.2AI score0.00888EPSS

Exploits0References12

Ubuntu•added 2026/05/20 12:20 p.m.•14 views

USN-8282-1: Unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

10CVSS6.1AI score0.00888EPSS

OSV•added 2026/05/20 10:16 a.m.•5 views

ALPINE-CVE-2026-42534

5.3CVSS5.5AI score0.00351EPSS

NVD•added 2026/05/20 10:16 a.m.•11 views

CVE-2026-42534

6.9CVSS0.00351EPSS

EUVD•added 2026/05/20 9:19 a.m.•10 views

EUVD-2026-31082

Vulnrichment•added 2026/05/20 9:19 a.m.•5 views

CVE-2026-42534 Jostle logic bypass degrades resolution performance

ATTACKERKB•added 2026/05/20 9:19 a.m.•7 views

CVE-2026-42534

CVE•added 2026/05/20 9:19 a.m.•17 views

Exploits0References2

CVE-2026-42534

The CVE affects NLnet Labs Unbound up to and including version 1.25.0. A vulnerability in the jostle logic can degrade resolution performance when handling slow or maliciously responding DNS servers. An attacker who can query a vulnerable Unbound and influence the domain’s DNS responses can explo...

Exploits0References1Affected Software1

Cvelist•added 2026/05/20 9:19 a.m.•41 views

CVE-2026-42534 Jostle logic bypass degrades resolution performance

6.9CVSS0.00351EPSS

Debian CVE•added 2026/05/20 9:19 a.m.•10 views

CVE-2026-42534

6.9CVSS5.7AI score0.00351EPSS

AlpineLinux•added 2026/05/20 9:19 a.m.•8 views

CVE-2026-42534

6.9CVSS5.7AI score0.00351EPSS

CNNVD•added 2026/05/20 12:0 a.m.•8 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with timestamp updates in the jostle logic, which could prevent slow queries from being...