CVE-2026-32936 CoreDNS DoH GET path missing size validation causes CPU and memory amplification

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS DoH GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path, which applies a...

SUSE-SU-2026:1618-1 Security update for dnsdist

This update for dnsdist fixes the following issues: Update to version 1.9.12. - https://www.dnsdist.org/changelog.htmlchange-1.9.12 Security issues fixed: - CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web dashboard bsc1261236. -...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the getHostByName function in the v2 template engine. An attacker can cause sensitive data to be disclosed by crafting or updating templated resources that trigger DNS queries containing secret-derived values fr...

External Secrets 信息泄露漏洞

External Secrets is an open-source Kubernetes-related application developed by External Secrets. Versions of External Secrets 2.2.0 and earlier contain a vulnerability related to information leakage. This vulnerability stems from the v2 template engine not removing the getHostByName function, whi...

netavark has incorrect error handling for malformed tcp packets

Impact A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. Patches https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1 Workarounds None Credits Thanks to @dkane01 for reporti...

Aardvark-dns 资源管理错误漏洞

Aardvark-dns is a DNS server developed by Containers Open Source. Versions 1.16.0 to 1.17.0 of Aardvark-dns have a resource management vulnerability. This vulnerability arises from truncated TCP DNS queries and connection resets, which may cause Aardvark-dns to enter an irreversible infinite erro...

SUSE CVE-2026-27854

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a...

CVE-2026-27854

A flaw was found in DNSdist. An attacker could exploit this by sending crafted DNS queries that interact with the DNSQuestion:getEDNSOptions method in custom Lua code. This interaction can trigger a use-after-free vulnerability, potentially leading to a crash and a denial of service DoS for the...

EUVD-2026-17361

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

CVE-2026-0396 HTML injection in the web dashboard

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

CVE-2026-0396

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-3591)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3591 advisory. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a...

Linux Distros Unpatched Vulnerability : CVE-2026-3591

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may b...

UBUNTU-CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

PT-2026-25987

Summary A vulnerability exists in the Community Tier of Harden-Runner that allows bypassing the egress-policy: block network restriction using DNS queries over TCP. Harden-Runner enforces egress policies on GitHub runners by filtering outbound connections at the network layer. When egress-policy:...

EulerOS Virtualization 2.12.0 : avahi (EulerOS-SA-2026-1473)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where...

ROS-20260209-73-0001

A vulnerability in the Avahi Wide-Area Local Area Network Service Discovery System is related to the use of insufficiently randomized values. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information through a specially crafte...

CVE-2022-33989

dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...