CVE-2026-14461
The CVE-2026-14461 entry affects mtr up to version 0.96, where ipinfo_lookup() performs DNS AS lookups and can be triggered by a TXT response larger than 512 bytes with a crafted compression pointer, causing an out-of-bounds read. The function uses the response length as the end-of-message bounda...