Lucene search
K

21 matches found

OSV
OSV
added 2026/05/29 4:3 p.m.13 views

RLSA-2026:18556 Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

6.1CVSS7AI score0.01729EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.12 views

RockyLinux 9 : unbound (RLSA-2026:18931)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18931 advisory. unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 Tenable has extracted the precedi...

7.5CVSS7AI score0.01729EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/21 8:2 a.m.15 views

Possible cache poisoning via promiscuous records for the authority section

...

10CVSS5.8AI score0.00249EPSS
Exploits0
OSV
OSV
added 2026/05/20 10:16 a.m.6 views

ALPINE-CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.4AI score0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 9:21 a.m.9 views

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

7.1CVSS5.7AI score0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 9:21 a.m.10 views

EUVD-2026-31083

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 9:21 a.m.50 views

CVE-2026-42960 Possible cache poisoning via promiscuous records for the authority section

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

7.1CVSS0.00249EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/20 9:21 a.m.10 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00311EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:21 a.m.9 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

7.1CVSS7.4AI score0.00311EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/20 12:0 a.m.8 views

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

10CVSS5.7AI score0.00249EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-42960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that...

10CVSS5.7AI score0.00249EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/12/15 10:34 a.m.4 views

Security update for unbound

This update for unbound fixes the following issues: CVE-2025-11411: Fixed domain hijacking due to promiscuous records bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

7.1CVSS6.9AI score0.00311EPSS
Exploits0References4
OSV
OSV
added 2025/12/15 10:34 a.m.3 views

SUSE-SU-2025:4391-1 Security update for unbound

This update for unbound fixes the following issues: - CVE-2025-11411: Fixed domain hijacking due to promiscuous records bsc1252525...

7.1CVSS5.8AI score0.00311EPSS
Exploits0References3
OSV
OSV
added 2025/12/04 11:29 p.m.4 views

MGASA-2025-0318 Updated unbound packages fix security vulnerabilities

Possible domain hijacking via promiscuous records in the authority section. CVE-2025-11411. Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete...

7.1CVSS6.9AI score0.00311EPSS
Exploits0References4
Mageia
Mageia
added 2025/12/04 11:29 p.m.6 views

Updated unbound packages fix security vulnerabilities

Possible domain hijacking via promiscuous records in the authority section. CVE-2025-11411. Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete...

7.1CVSS7AI score0.00311EPSS
Exploits0References3
OSV
OSV
added 2025/11/26 2:26 p.m.2 views

SUSE-SU-2025:21065-1 Security update for unbound

This update for unbound fixes the following issues: - CVE-2025-11411: Fixed promiscuous records leading to domain hijacking bsc1252525...

7.1CVSS5.8AI score0.00311EPSS
Exploits0References3
OSV
OSV
added 2025/11/20 11:36 a.m.2 views

SUSE-SU-2025:21050-1 Security update for unbound

This update for unbound fixes the following issues: - CVE-2025-11411: Fixed promiscuous records leading to domain hijacking bsc1252525...

7.1CVSS5.8AI score0.00311EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/24 8:1 a.m.6 views

Possible domain hijacking via promiscuous records in the authority section

...

7.1CVSS7AI score0.00311EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.2 views

FreeBSD : unbound -- Possible domain hijacking via promiscuous records in the authority section (ea1c485f-b025-11f0-bce7-bc2411002f50)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea1c485f-b025-11f0-bce7-bc2411002f50 advisory. [email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possib...

7.1CVSS6.8AI score0.00311EPSS
Exploits0References3
CVE
CVE
added 2025/10/22 12:28 p.m.464 views

CVE-2025-11411

Summary: CVE-2025-11411 affects NLnet Labs Unbound up to and including 1.24.1, enabling possible domain hijack via promiscuous NS RRSets injected in DNS responses. The root issue is that NS RRSets in replies could be trusted for delegation updates, allowing a malicious actor to poison caches. The...

7.1CVSS6AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder