Lucene search
K

4 matches found

OSV
OSV
added 2026/03/31 12:16 p.m.5 views

UBUNTU-CVE-2026-0396

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

4.3CVSS5.8AI score0.00136EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/31 11:50 a.m.24 views

CVE-2026-0396 HTML injection in the web dashboard

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

3.1CVSS0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/03/31 11:50 a.m.22 views

CVE-2026-0396

CVE-2026-0396 affects dnsdist, a DNS load balancer. The issue arises when domain-based dynamic rules are enabled (DynBlockRulesGroup:setSuffixMatchRule / setSuffixMatchRuleFFI), allowing crafted DNS queries to cause HTML content injection into the internal web dashboard. Associated advisories con...

4.3CVSS5.9AI score0.00136EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/31 11:50 a.m.5 views

CVE-2026-0396

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

4.3CVSS5.8AI score0.00136EPSS
Exploits0
Rows per page
Query Builder