zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

Impact DNSIncoming.logexceptiondebug and the four QuietLogger exception-dedup methods stored an unbounded seenlogs dict keyed by strsys.excinfo1. The seven IncomingDecodeError messages raised from readname / decodelabelsatoffset RFC 6762 §18 name-decoding error paths all embed self.source — the...

PT-2026-45026

Impact DNSCache. async add inserted every response record into cache, expirations, expire heap, and service cache with no cap on entry count. The only pre-existing protection was a PTR TTL floor DNS PTR MIN TTL = 1125 s, RFC 6762 §10, which actually prolonged attacker-injected records, and a...

PT-2026-45024

Impact DNSIncoming. decode labels at offset recurses once per DNS-name compression pointer RFC 1035 §4.1.4. Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single 3 kB mDNS packet carrying 1500 chained pointers drives the recursion past...

CVE-2026-30871 OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...

CVE-2026-20067 Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

mDNS Service Public WAN (Internet) Accessible

The script checks if the target host is exposing a service supporting the Multicast DNS mDNS protocol to a Public WAN Internet. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

UBUNTU-CVE-2020-6077

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly leading to an out-of-bounds read that would result ...

Heap corruption vulnerability in Xiaomi AI Speaker-mDNS service

Xiaomi AI Speaker is a smart speaker product from Xiaomi. A heap corruption vulnerability exists in the Xiaomi AI Speaker-mDNS service. The vulnerability is due to the program service in the parsing of the request message there is a boundary check is not strict, resulting in the arbitrary write o...

Xiaomi AI Speaker-mDNS service suffers from denial of service vulnerability

Xiaomi AI Speaker is a smart speaker product from Xiaomi. A denial of service vulnerability exists in the Xiaomi AI Speaker-mDNS service. The vulnerability is caused by the program service failing to adequately determine malformed messages when parsing request messages, causing the parsing thread...