Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

115 matches found

NVD
NVDadded 7 hours ago5 views

CVE-2026-42004

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS
Exploits0References1
CVE
CVEadded 8 hours ago6 views

CVE-2026-42004

CVE-2026-42004 affects DNSdist via EDNS OPT handling. An attacker can craft an EDNS OPT record that DNSdist’s filtering ignores, but is rewritten to a valid OPT when EDNS Client Subnet is applied, allowing the backend to observe EDNS options DNSdist did not filter. Impact is limited to informatio...

3.7CVSS5.9AI score
Exploits0References1
Cvelist
Cvelistadded 8 hours ago5 views

CVE-2026-42004 EDNS options smuggling

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/05/26 5:9 a.m.12 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
Oracle linux
Oracle linuxadded 2026/05/26 12:0 a.m.36 views

dnsmasq security update

2.79-36 - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC validation CVE-2026-4891 - Prevent out-of-bounds write in DHCPv6 server CVE-2026-4892 - Prevent source check avoidance by RFC 7871 client-subnet...

8.4CVSS5.9AI score0.03143EPSS
Exploits3
OSV
OSVadded 2026/05/22 1:22 p.m.6 views

OESA-2026-2438 dnsmasq security update

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...

8.4CVSS6.3AI score0.03143EPSS
Exploits3References6
RedHat Linux
RedHat Linuxadded 2026/05/19 9:55 p.m.9 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
RedHat Linux
RedHat Linuxadded 2026/05/19 4:15 p.m.10 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
SUSE CVE
SUSE CVEadded 2026/05/13 3:48 a.m.13 views

SUSE CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References12
RedhatCVE
RedhatCVEadded 2026/05/12 5:4 p.m.5 views

CVE-2026-4893

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

6.5CVSS5.8AI score0.02681EPSS
Exploits2References4
EUVD
EUVDadded 2026/05/11 6:31 p.m.6 views

EUVD-2026-29155

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References3
NVD
NVDadded 2026/05/11 6:16 p.m.10 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS0.02681EPSS
Exploits2References6
OSV
OSVadded 2026/05/11 6:16 p.m.2 views

ALPINE-CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References1
ATTACKERKB
ATTACKERKBadded 2026/05/11 4:48 p.m.4 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References8
Vulnrichment
Vulnrichmentadded 2026/05/11 4:48 p.m.5 views

CVE-2026-4893 CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.8AI score0.02681EPSS
Exploits2References6
CVE
CVEadded 2026/05/11 4:48 p.m.51 views

CVE-2026-4893

CVE-2026-4893 is an information-disclosure vulnerability in dnsmasq. A crafted DNS packet containing RFC 7871 client-subnet information allows remote attackers to bypass source checks. Affected component: dnsmasq’s DNS handling. Underlying impact per sources is information disclosure; exploitatio...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References6
Cvelist
Cvelistadded 2026/05/11 4:48 p.m.49 views

CVE-2026-4893 CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

0.02681EPSS
Exploits2References6
UbuntuCve
UbuntuCveadded 2026/05/11 12:0 p.m.11 views

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References2
OSV
OSVadded 2026/05/11 12:0 p.m.4 views

UBUNTU-CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References3
Positive Technologies
Positive Technologiesadded 2026/05/09 12:0 a.m.11 views

PT-2026-39701

Name of the Vulnerable Software and Affected Versions dnsmasq affected versions not specified Description An information disclosure issue allows remote attackers to bypass source checks by using a crafted DNS packet containing RFC 7871 client subnet information. Recommendations At the moment, the...

8.4CVSS5.8AI score0.03143EPSS
Exploits3References85
Rows per page
Query Builder