Lucene search
K

174 matches found

OSV
OSV
added 2026/06/18 2:32 p.m.3 views

SUSE-SU-2026:22213-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.01272EPSS
Exploits0References23
OSV
OSV
added 2026/06/18 2:32 p.m.3 views

SUSE-SU-2026:22160-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.01272EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.10 views

SUSE SLES15 Security Update : unbound (SUSE-SU-2026:2369-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2369-1 advisory. This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278:...

10CVSS6.7AI score0.01272EPSS
Exploits0References34
SUSE Linux
SUSE Linux
added 2026/06/11 12:22 p.m.7 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
OSV
OSV
added 2026/06/11 12:22 p.m.5 views

SUSE-SU-2026:2369-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.01272EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS5.4AI score0.00171EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/05 12:12 p.m.11 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
OSV
OSV
added 2026/06/05 12:12 p.m.6 views

SUSE-SU-2026:2281-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.01272EPSS
Exploits0References23
OSV
OSV
added 2026/06/02 6:26 p.m.9 views

USN-8282-2 unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

10CVSS6.1AI score0.00779EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/06/02 6:26 p.m.18 views

USN-8282-2: Unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

10CVSS6.1AI score0.00779EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/30 2:7 a.m.15 views

SUSE CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

5.9CVSS5.7AI score0.00171EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2026-1756)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1756 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep...

10CVSS6.4AI score0.01272EPSS
Exploits0References22
Amazon
Amazon
added 2026/05/26 12:0 a.m.18 views

Important: unbound

Issue Overview: NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary c...

10CVSS6.6AI score0.01272EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/21 8:2 a.m.19 views

Another 'ghost domain names' attack variant

...

8.7CVSS5.8AI score0.00171EPSS
Exploits0
OSV
OSV
added 2026/05/20 12:20 p.m.13 views

USN-8282-1 unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

10CVSS6.1AI score0.01272EPSS
Exploits0References12
NVD
NVD
added 2026/05/20 10:16 a.m.27 views

CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS0.00171EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.8 views

ALPINE-CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

7.5CVSS5.4AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 9:18 a.m.56 views

CVE-2026-40622 Another 'ghost domain names' attack variant

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 9:18 a.m.8 views

CVE-2026-40622 Another 'ghost domain names' attack variant

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS5.7AI score0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:18 a.m.9 views

CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

8.7CVSS5.7AI score0.00171EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder