CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/08 12:0 a.m.•12 views

PT-2026-47551

8.7CVSS5.5AI score

Positive Technologies•added 2026/06/08 12:0 a.m.•11 views

PT-2026-47614

Name of the Vulnerable Software and Affected Versions Netty ionetty:netty-resolver-dns affected versions not specified Description Insufficient validation of the bailiwick of NS records in DnsResolveContext allows for DNS Cache Poisoning. An attacker controlling an authoritative name server for a...

10CVSS5.5AI score0.0024EPSS

Exploits0References26

Cvelist•added 2026/05/20 9:18 a.m.•45 views

CVE-2026-40622 Another 'ghost domain names' attack variant

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS0.00171EPSS

Exploits0References1

CVE•added 2026/05/20 9:18 a.m.•19 views

CVE-2026-40622

Affected software: NLnet Labs Unbound (versions 1.16.2 through 1.25.0). Vulnerability: ghost domain names attack that can extend the ghost domain window by up to one cached TTL (cache-max-ttl) by overwriting the cached expired parent‑side referral NS RRset with the child‑side apex NS RRset via a ...

8.7CVSS5.7AI score0.00171EPSS

Exploits0References1Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в unbound

Unbound versions up to and including 1.24.1 are vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers into updating their delegation information for the zone. Typically, these RRSets are use...

7.1CVSS5.7AI score0.00287EPSS

CNNVD•added 2026/05/20 12:0 a.m.•6 views

NLnet Labs Unbound 访问控制错误漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.16.2 to 1.25.0 of NLnet Labs Unbound, there is an access control vulnerability. This vulnerability stems from a phantom domain attack. It allows attackers to control phantoms and query the vulnerable...

8.7CVSS5.7AI score0.00171EPSS

RedHat Linux•added 2026/05/19 1:52 p.m.•8 views

unbound: Unbound domain hijacking via promiscuous records

A domain hijacking flaw has been discovered in NLNet Lab's Unbound project. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver'...

7.1CVSS7.3AI score0.00287EPSS

RedHat Linux•added 2026/05/19 9:14 a.m.•8 views

unbound: Unbound domain hijacking via promiscuous records

7.1CVSS7.3AI score0.00287EPSS

Tenable Nessus•added 2026/04/10 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: unbound (UTSA-2026-007095)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007095 advisory. NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in...

7.1CVSS6.7AI score0.00287EPSS

Exploits0References4

Tenable Nessus•added 2026/03/18 12:0 a.m.•3 views

EulerOS Virtualization 2.13.1 : unbound (EulerOS-SA-2026-1642)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

Tenable Nessus•added 2026/03/18 12:0 a.m.•3 views

EulerOS Virtualization 2.13.0 : unbound (EulerOS-SA-2026-1632)

OpenVAS•added 2026/03/17 12:0 a.m.•4 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1595)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.8AI score0.00287EPSS

OpenVAS•added 2026/02/03 12:0 a.m.•3 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1228)

7.1CVSS5.4AI score0.00287EPSS

Tenable Nessus•added 2026/02/02 12:0 a.m.•2 views

EulerOS 2.0 SP13 : unbound (EulerOS-SA-2026-1216)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...

Tenable Nessus•added 2026/01/15 12:0 a.m.•5 views

EulerOS 2.0 SP12 : unbound (EulerOS-SA-2026-1080)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...