CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

EUVD-2026-34155

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: unbound: python3-unbound-1.25.1-0.1.hum1 aarch64, x8664 unbound-1.25.1-0.1.hum1 aarch64, x8664 unbound-anchor-1.25.1-0.1.hum1 aarch64, x8664 unbound-devel-1.25.1-0.1.hum1 aarch64, x8664...

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

Astra Linux - уязвимость в unbound

Before version 1.9.5, Unbound allowed configuration injection in the createunboundadservers.sh script after a successful man-in-the-middle attack on a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contribute...

MiracleLinux 9 : unbound-1.16.2-18.el9_6 (AXSA:2025-10520:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10520:03 advisory. unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 Tenable has extracted the preceding description block directly from the...

TencentOS Server 4: unbound (TSSA-2025:0633)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0633 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

unbound:1.16.2 security update

1.16.2-8.1 - Fix unbounded name compression could lead to Denial of Service CVE-2024-8508 1.16.2-8 - Ensure group access correction reaches also updated configs CVE-2024-1488 1.16.2-7 - Ensure only unbound group can change configuration CVE-2024-1488 1.16.2-6 - Fix KeyTrap - Extreme CPU consumpti...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

unbound: infinite loop via malformed DNS answers received from upstream servers

A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers are received from upstream servers. The highest threat from this vulnerability is to system availability...

Security fix for the ALT Linux 9 package unbound version 1.10.2-alt1

1.10.2-alt1 built May 25, 2020 Alexei Takaseev in task 252045 --- May 22, 2020 Alexei Takaseev - 1.10.2 - Fixes CVE-2020-12662, CVE-2020-12663...

CVE-2009-4008

Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service DNSSEC outage via a crafted query...