CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/30 2:8 a.m.•9 views

SUSE CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

5.9CVSS6AI score0.00337EPSS

Exploits0References7

Microsoft CVE•added 2026/05/21 8:2 a.m.•11 views

Packet of death with DNSCrypt

...

8.2CVSS5.8AI score0.00337EPSS

Ubuntu•added 2026/05/20 12:20 p.m.•14 views

USN-8282-1: Unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

10CVSS6.1AI score0.00888EPSS

OSV•added 2026/05/20 12:20 p.m.•9 views

USN-8282-1 unbound vulnerabilities

10CVSS6.1AI score0.00888EPSS

Exploits0References12

OSV•added 2026/05/20 10:16 a.m.•4 views

ALPINE-CVE-2026-32792

5.3CVSS5.8AI score0.00337EPSS

NVD•added 2026/05/20 10:16 a.m.•10 views

CVE-2026-32792

8.2CVSS0.00337EPSS

EUVD•added 2026/05/20 9:17 a.m.•11 views

EUVD-2026-31077

CVE•added 2026/05/20 9:17 a.m.•25 views

CVE-2026-32792

Affected software : NLnet Labs Unbound 1.6.2 through 1.25.0 (with DNSCrypt support enabled via --enable-dnscrypt). Root cause : A malformed DNSCrypt query can underflow the DNSCrypt packet reading, causing Unbound to read beyond the buffer and potentially trigger a heap overflow, depending on all...

Exploits0References1Affected Software1

Cvelist•added 2026/05/20 9:17 a.m.•46 views

CVE-2026-32792 Packet of death with DNSCrypt

8.2CVSS0.00337EPSS

Vulnrichment•added 2026/05/20 9:17 a.m.•9 views

CVE-2026-32792 Packet of death with DNSCrypt

AlpineLinux•added 2026/05/20 9:17 a.m.•7 views

CVE-2026-32792

Debian CVE•added 2026/05/20 9:17 a.m.•6 views

CVE-2026-32792

UbuntuCve•added 2026/05/20 12:0 a.m.•6 views

CVE-2026-32792

CNNVD•added 2026/05/20 12:0 a.m.•7 views

Exploits0References3

NLnet Labs Unbound 缓冲区错误漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.6.2 to 1.25.0 of NLnet Labs Unbound, there is a buffer error vulnerability. This vulnerability stems from a potential stack overflow during the DNSCrypt packet reading process. Malicious attackers can...

Positive Technologies•added 2026/05/20 12:0 a.m.•7 views

Exploits0References2

PT-2026-42124

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions 1.6.2 through 1.25.0 Description A denial of service issue exists when the software is compiled with DNSCrypt support using the --enable-dnscrypt flag. A specially crafted DNSCrypt query, where the decrypted plainte...

10CVSS5.8AI score0.00888EPSS

Exploits0References54

OSV•added 2026/05/20 12:0 a.m.•1 views

UBUNTU-CVE-2026-32792

Tenable Nessus•added 2026/05/20 12:0 a.m.•10 views

Exploits0References4

Linux Distros Unpatched Vulnerability : CVE-2026-32792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad...

FreeBSD•added 2026/05/20 12:0 a.m.•9 views

Exploits0References4

Unbound -- Multiple vulnerabilities

NLnet Labs reports: This release consolidates security fixes for issues reported over a period of time. There are fixes for: CVE-2026-33278: Possible remote code execution during DNSSEC validation. CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options...

10CVSS6.2AI score0.00888EPSS