Lucene search
+L

241 matches found

RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-10846

A flaw was found in ldns. When applications use ldns as a resolver over User Datagram Protocol UDP, it fails to properly match the query's destination address and port with the response's source address and port. Additionally, the query ID and question are not matched with the response. This...

8.2CVSS6.1AI score0.00147EPSS
Exploits0References4
Fedora
Fedora
added 2026/06/27 12:56 a.m.5 views

[SECURITY] Fedora 43 Update: ldns-1.9.2-1.fc43

ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to for instance create or sign packets...

8.2CVSS5.8AI score0.00147EPSS
Exploits0
OSV
OSV
added 2026/06/19 7:38 a.m.6 views

SUSE-SU-2026:2461-1 Security update for ldns

This update for ldns fixes the following issue - CVE-2026-10846: When ldns is used by applications for stub resolving, it does not sufficiently verify that received responses belong to a sent query bsc1267670...

8.2CVSS5.9AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 9:9 p.m.3 views

SUSE-SU-2026:22167-1 Security update for ldns

This update for ldns fixes the following issue - CVE-2026-10846: when ldns is used by applications for stub resolving, it does not sufficiently verify that received responses belong to a sent query bsc1267670...

8.2CVSS5.8AI score0.00147EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 1:33 p.m.7 views

USN-8449-1 ldns vulnerability

Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...

8.2CVSS5.6AI score0.00147EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/18 1:33 p.m.17 views

USN-8449-1: ldns vulnerability

Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...

8.2CVSS5.6AI score0.00147EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.11 views

CVE-2026-10846 affecting package ldns for versions less than 1.8.3-3

CVE-2026-10846 affecting package ldns for versions less than 1.8.3-3. A patched version of the package is available...

8.2CVSS5.2AI score0.00147EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/12 2:32 a.m.14 views

SUSE CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

7.5CVSS5.4AI score0.00147EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.7 views

ldns-1.9.2-1.1 on GA media (moderate)

ldns-1.9.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10998-1 Rating: moderate Cross-References: CVE-2026-10846 CVSS scores: CVE-2026-10846 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-10846 SUSE : 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...

8.2CVSS5.3AI score0.00147EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-10846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and...

8.2CVSS6.1AI score0.00147EPSS
Exploits0References4
OSV
OSV
added 2026/06/11 12:0 a.m.3 views

OPENSUSE-SU-2026:10998-1 ldns-1.9.2-1.1 on GA media

These are all security issues fixed in the ldns-1.9.2-1.1 package on the GA media of openSUSE Tumbleweed...

8.2CVSS5.3AI score0.00147EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

FreeBSD : FreeBSD -- Insufficient response validation in the ldns stub resolver (fc0c7763-6477-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fc0c7763-6477-11f1-958d-bc241121aa0a advisory. When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the...

8.2CVSS5.6AI score0.00147EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 9:45 a.m.6 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error due to the improper matching of the query destination address and port with the response source address and port when Idns is used in applications as stub resolver over UDP. Remediation A fix was pushed into the...

8.2CVSS5.8AI score0.00147EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 7:16 a.m.3 views

CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

7.5CVSS5.9AI score0.00147EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/10 6:37 a.m.13 views

CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.4AI score0.00147EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/10 6:37 a.m.9 views

CVE-2026-10846 Insufficient verification that responses belong to a query

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.4AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 6:37 a.m.45 views

CVE-2026-10846 Insufficient verification that responses belong to a query

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS0.00147EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 6:37 a.m.9 views

CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.8AI score0.00147EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.20 views

NLnet Labs ldns 访问控制错误漏洞

NLnet Labs ldns is a DNS library developed by the Nlnet Foundation in the Netherlands, designed for easy programming of DNS tools. Versions 1.2.0 to 1.9.0 of NLnet Labs ldns contain access control vulnerability issues. This vulnerability arises from the fact that when used as a UDP resolver, the...

8.2CVSS5.3AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 4:0 p.m.8 views

UBUNTU-CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.3AI score0.00147EPSS
Exploits0References3
Rows per page
Query Builder