unbound security update

An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...

RLSA-2026:18931 Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

RockyLinux 9 : unbound (RLSA-2026:18931)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18931 advisory. unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 Tenable has extracted the precedi...

Moderate: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

unbound: Unbound domain hijacking via promiscuous records

A domain hijacking flaw has been discovered in NLNet Lab's Unbound project. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver'...

Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

ALSA-2026:18556 Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

ALSA-2026:18931 Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

RHEL 9 : unbound (RHSA-2026:18931)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18931 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability...

Astra Linux - уязвимость в c-ares

A flaw was discovered in the c-ares library. A missing input validation check for host names returned by DNS Domain Name Servers can result in incorrect hostnames being displayed. This could potentially lead to Domain Hijacking. The greatest threat posed by this vulnerability is related to...

openSUSE 16 Security Update : unbound (openSUSE-SU-2026:20139-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20139-1 advisory. Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525. Tenable has extracted the preceding description block directly fr...

SUSE SLES16 Security Update : unbound (SUSE-SU-2026:20201-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20201-1 advisory. Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525. Tenable has extracted the preceding description bloc...

Security update for unbound (moderate)

openSUSE security update: security update for unbound ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20139-1 Rating: moderate References: bsc1252525 Cross-References: CVE-2025-11411 CVSS scores: CVE-2025-11411 SUSE : 6.9...

OPENSUSE-SU-2026:20139-1 Security update for unbound

This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525...

SUSE-SU-2026:20180-1 Security update for unbound

This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525...

SUSE-SU-2026:20201-1 Security update for unbound

This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525...

MiracleLinux 8 : nodejs:14 (AXSA:2021-2448:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2448:01 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

MiracleLinux 8 : nodejs:12 (AXSA:2021-2440:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2440:01 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

USN-7047-1: libvirt vulnerabilities

It was discovered that libvirt parsed user-provided XML files before performing ACL checks. An attacker could possibly use this issue to cause libvirt to consume memory, resulting in a denial of service. CVE-2025-12748 It was discovered that libvirt incorrectly handled permissions on external...

Security update for unbound

This update for unbound fixes the following issues: CVE-2025-11411: Fixed domain hijacking due to promiscuous records bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...