bind: BIND: Denial of Service via specially crafted DNS messages

A flaw was found in the bind component, specifically within the named daemon. This vulnerability allows a remote attacker to send specially crafted Domain Name System DNS messages. These messages, which use unusual classes or meta-classes, can trigger assertion failures in the named daemon when...

EulerOS Virtualization 2.10.1 : avahi (EulerOS-SA-2026-2015)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

[SECURITY] Fedora 44 Update: kf6-kdnssd-6.25.0-1.fc44

KDE Frameworks 6 Tier 1 integration module for DNS-SD services Zeroconf...

CVE-2026-35659

OpenClaw vulnerability CVE-2026-35659 affects OpenClaw prior to 2026.3.22. The issue is a service discovery flaw where TXT metadata from Bonjour and DNS-SD can influence CLI routing even if service resolution fails. Attackers could abuse unresolved hints to steer routing decisions toward unintend...

CVE-2026-35659

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

CVE-2026-35659 OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery

OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...

PT-2026-30270

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc4 Description Avahi, a system for local network service discovery using mDNS/DNS-SD, is susceptible to a denial-of-service condition. An unprivileged local user can terminate the avahi-daemon process by sending a...

OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution

Summary Bonjour and DNS-SD TXT metadata could still steer CLI routing even when actual service resolution failed, allowing unresolved hints to influence the chosen target. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

CVE-2026-4203

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

CVE-2026-26327 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

OpenClaw is a personal AI assistant. Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...

CVE-2026-2143

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/setddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is...

EUVD-2026-5805

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/setddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is...

CVE-2026-2143 D-Link DIR-823X DDNS Service set_ddns os command injection

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/setddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is...

CVE-2025-68471

A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD Multicast Domain Name System/DNS-based Service Discovery protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcement...

RHEL 9 : python-kdcproxy (RHSA-2025:21448)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21448 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVE-2025-59088

If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...

Linux Distros Unpatched Vulnerability : CVE-2025-59088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS...

EUVD-2014-3717

Malware in sbrugna...

EUVD-2019-9529

Malware in sbrugna...

EUVD-2007-0195

Malware in sbrugna...