RLSA-2026:24339 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

bind: BIND: Denial of Service via specially crafted DNS messages

A flaw was found in the bind component, specifically within the named daemon. This vulnerability allows a remote attacker to send specially crafted Domain Name System DNS messages. These messages, which use unusual classes or meta-classes, can trigger assertion failures in the named daemon when...

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

AlmaLinux 10 : bind (ALSA-2026:24338)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24338 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

RockyLinux 8 : bind9.16 (RLSA-2026:23360)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23360 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2026-41096 - Crash PoC Heap overflow in DnsRawTruncateMe...

Astra Linux - уязвимость в qtbase-opensource-src

A issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...

Updated dnsmasq packages fix security vulnerabilities

CVE-2026-2291: dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-4890: A Denial of Service DoS...

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

CVE-2026-4891

CVE-2026-4891 describes a heap-based out-of-bounds read in dnsmasq’s DNSSEC validation, allowing remote attackers to trigger a denial of service by sending a crafted DNS packet. The vulnerability is part of a broader set (CVE-2026-2291, CVE-2026-4890/4892/4893, CVE-2026-5172) affecting dnsmasq an...

CVE-2026-4890

Dnsmasq is affected by CVE-2026-4890, a DoS vulnerability in DNSSEC validation. The issue is described as an infinite-loop flaw in DNSSEC validation, which can cause the dnsmasq service to crash or become unresponsive when processing a crafted DNS response. Affected component: dnsmasq’s DNSSEC va...

CVE-2026-4890

A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from an issue with DNSSEC verification. This vulnerability allows remote attackers to cause denial-of-service attacks through specially crafted DNS packets...

Linux Distros Unpatched Vulnerability : CVE-2026-4893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2026:1369-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1369-1 advisory. - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. -...

SUSE CVE-2026-27854

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a...

CVE-2026-27854

A flaw was found in DNSdist. An attacker could exploit this by sending crafted DNS queries that interact with the DNSQuestion:getEDNSOptions method in custom Lua code. This interaction can trigger a use-after-free vulnerability, potentially leading to a crash and a denial of service DoS for the...

EUVD-2026-17361

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...