CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

CVE-2026-27853

A flaw was found in dnsdist. A remote attacker could send specially crafted DNS responses that, when processed by dnsdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code, may trigger an out-of-bounds write. This vulnerability can lead to a system crash,...

CVE-2026-27854

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a...

PT-2026-29243

Name of the Vulnerable Software and Affected Versions Versions prior to 2026 affected versions not specified Description An attacker could potentially trigger an out-of-bounds read by sending a specially crafted DNS response packet. This occurs when custom Lua code utilizes the newDNSPacketOverla...