CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

93 matches found

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

6.9CVSS5.5AI score0.00057EPSS

Exploits0References1

SUSE Linux•added 4 days ago•5 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.00322EPSS

Exploits0References44

OSV•added 4 days ago•3 views

SUSE-SU-2026:2281-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.00322EPSS

Exploits0References23

SUSE CVE•added 2026/05/30 2:5 a.m.•8 views

SUSE CVE-2026-44390

5.9CVSS5.8AI score0.00057EPSS

Exploits0References6

OSV•added 2026/05/28 3:44 p.m.•3 views

SUSE-SU-2026:21913-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: "Ghost domain name" variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.5AI score0.00322EPSS

Exploits0References23

Microsoft CVE•added 2026/05/21 8:3 a.m.•10 views

Unbounded name compression in certain cases causes degradation of service

...

6.9CVSS5.8AI score0.00057EPSS

Exploits0

NVD•added 2026/05/20 10:16 a.m.•7 views

CVE-2026-44390

6.9CVSS0.00057EPSS

Exploits0References1

Vulnrichment•added 2026/05/20 9:21 a.m.•5 views

CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service

6.9CVSS5.8AI score0.00057EPSS

Exploits0References1

Debian CVE•added 2026/05/20 9:21 a.m.•7 views

CVE-2026-44390

6.9CVSS5.8AI score0.00057EPSS

Exploits0

AlpineLinux•added 2026/05/20 9:21 a.m.•7 views

CVE-2026-44390

6.9CVSS5.8AI score0.00163EPSS

Exploits0References1

Cvelist•added 2026/05/20 9:21 a.m.•34 views

CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service

6.9CVSS0.00057EPSS

Exploits0References1

ATTACKERKB•added 2026/05/20 9:21 a.m.•6 views

CVE-2026-44390

6.9CVSS6.8AI score0.00163EPSS

Exploits0References2

EUVD•added 2026/05/20 9:21 a.m.•6 views

EUVD-2026-31088

6.9CVSS5.8AI score0.00057EPSS

Exploits0References1

CVE•added 2026/05/20 9:21 a.m.•12 views

CVE-2026-44390

CVE-2026-44390 affects NLnet Labs Unbound up to 1.25.0. Malicious upstream responses with very large RRsets trigger an unbounded name compression operation, potentially locking CPU and causing degraded performance or denial of service. Unbound 1.25.1 includes a patch that increments the compressi...

6.9CVSS5.8AI score0.00057EPSS

Exploits0References1Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в unbound

Unbound versions up to and including 1.21.0 contain a vulnerability when handling replies with very large RRsets that it needs to perform name compression on. Malicious upstream responses with very large RRsets can cause Unbound to spend considerable time applying name compression to downstream...

5.3CVSS6.7AI score0.00163EPSS

Exploits0References2

Positive Technologies•added 2026/05/20 12:0 a.m.•6 views

PT-2026-42134

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description An issue exists when handling replies with very large RRsets Resource Record sets that require name compression. Malicious upstream responses containing very large RRsets with records tha...

10CVSS5.8AI score0.00322EPSS

Exploits0References36

OSV•added 2026/05/20 12:0 a.m.•2 views

UBUNTU-CVE-2026-44390

6.9CVSS5.8AI score0.00057EPSS

Exploits0References4

Tenable Nessus•added 2026/05/20 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-44390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name...

6.9CVSS6.8AI score0.00163EPSS

Exploits0References3

FreeBSD•added 2026/05/20 12:0 a.m.•3 views

Unbound -- Multiple vulnerabilities

NLnet Labs reports: This release consolidates security fixes for issues reported over a period of time. There are fixes for: CVE-2026-33278: Possible remote code execution during DNSSEC validation. CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options...

10CVSS6.2AI score0.00322EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•6 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from unbound name compression operations when handling large RRsets, which could lead to performanc...

6.9CVSS5.8AI score0.00057EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by