
12 matches found

Microsoft CVE
added 2026/05/21 8:3 a.m. | 9 views

Heap overflow with multiple NSID, COOKIE, PADDING EDNS options

...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0
EUVD
added 2026/05/20 9:20 a.m. | 5 views

EUVD-2026-31085

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 1
Vulnrichment
added 2026/05/20 9:19 a.m. | 3 views

CVE-2026-41292 Long list of incoming EDNS options degrades performance

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

CVSS 8.7 | AI score 5.8 | EPSS 0.00075
Exploits: 0 | References: 1
CVE
added 2026/05/20 9:19 a.m. | 10 views

CVE-2026-41292

CVE-2026-41292 affects NLnet Labs Unbound up to 1.25.0. A vulnerability in parsing long lists of incoming EDNS options can cause a degradation of service/DoS as adversaries send queries with many EDNS options, tying up worker threads while parsing. The issue is mitigated in Unbound 1.25.1, which ...

CVSS 8.7 | AI score 5.8 | EPSS 0.00075
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2026/05/20 9:19 a.m. | 34 views

CVE-2026-41292 Long list of incoming EDNS options degrades performance

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

CVSS 8.7 | EPSS 0.00075
Exploits: 0 | References: 1
Debian CVE
added 2026/05/20 9:19 a.m. | 7 views

CVE-2026-41292

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

CVSS 8.7 | AI score 5.8 | EPSS 0.00075
Exploits: 0
Positive Technologies
added 2026/05/20 12:0 a.m. | 7 views

PT-2026-42128

Name of the Vulnerable Software and Affected Versions: NLnet Labs Unbound versions prior to 1.25.1. Description: An issue exists related to the parsing of long lists of incoming EDNS (Extension Mechanisms for DNS) options. An adversary can send queries containing an excessive number of EDNS options,...

CVSS 10 | AI score 5.8 | EPSS 0.00322
Exploits: 0 | References: 38
OSV
added 2026/05/20 12:0 a.m. | 2 views

UBUNTU-CVE-2026-41292

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

CVSS 8.7 | AI score 5.8 | EPSS 0.00075
Exploits: 0 | References: 5
OSV
added 2026/05/20 12:0 a.m. | 3 views

UBUNTU-CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

CVSS 8.7 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 4
Packet Storm
added 2026/01/07 12:0 a.m. | 135 views

FreeBSD rtsold 15.x Remote Code Execution

rtsold(8) on FreeBSD processes IPv6 Router Advertisement DNSSL options without validating domain names for shell metacharacters. The decoded domains are passed to resolvconf(8), a shell script that uses unquoted variable expansion, enabling command injection via substitution. Exploit Title: FreeBSD...

AI score 7.5 | EPSS 0.55423
Exploits: 7
Rapid7 Blog
added 2024/08/02 6:36 p.m. | 33 views

Metasploit Weekly Wrap-Up 08/02/2024

Metasploit goes to Hacker Summer Camp: Next week, Metasploit will have demos at both Black Hat and DEF CON where the latest functionality from this year will be presented. The Black Hat demo will be on Thursday the 8th from 10:10 to 11:25 and the DEF CON demo will be on Saturday the 10th from 12:0...

CVSS 9.8 | AI score 9 | EPSS 0.7891
Exploits: 12
SUSE CVE
added 2023/02/15 4:31 a.m. | 1 views

SUSE CVE-2018-5744

A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 of th...

CVSS 7.5 | AI score 6.8 | EPSS 0.04441
Exploits: 0 | References: 3