SUSE CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CLSA-2026-1779535502 unbound: Fix of CVE-2026-33278

CVE-2026-33278: possible remote code execution during DNSSEC validation via a dangling rrsets pointer in dnsmsgdeepcopyregion exposed by the backported KeyTrap mitigation...

CLSA-2026-1779534149 unbound: Fix of CVE-2026-33278

CVE-2026-33278: use-after-free in DNSSEC validator dnsmsgdeepcopyregion during NSEC3 sub-query suspend/resume; buggy struct-assignment overwrote the destination's freshly-allocated rrsets pointer with the source's pointer, leaving a dangling pointer dereferenced after the source region was freed...

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

EUVD-2026-31088

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

EulerOS 2.0 SP11 : unbound (EulerOS-SA-2026-1623)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...

EulerOS 2.0 SP13 : unbound (EulerOS-SA-2026-1228)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...

EulerOS Virtualization 2.10.1 : unbound (EulerOS-SA-2026-1149)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

Azure Linux 3.0 Security Update: unbound (CVE-2024-8508)

The version of unbound installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8508 advisory. - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with ve...

MiracleLinux 9 : unbound-1.16.2-8.el9_5.1 (AXSA:2024-9491:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9491:08 advisory. unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 CVEs: CVE-2024-8508 NLnet Labs Unbound up to and including version 1.21.0...

EulerOS 2.0 SP12 : unbound (EulerOS-SA-2026-1100)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1080)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : unbound, --advisory ALAS2-2025-3095 (ALAS-2025-3095)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3095 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

USN-7855-2: Unbound regression

USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix for CVE-2025-11411 was incomplete. This update fixes the problem. Original advisory details: Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Unbound incorrectly handled certain promiscuous NS RRSets. A...

TencentOS Server 4: unbound (TSSA-2025:0633)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0633 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Amazon Linux 2 : unbound, --advisory ALAS2-2025-3055 (ALAS-2025-3055)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3055 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Amazon Linux 2 : unbound, --advisory ALAS2UNBOUND-1.17-2025-006 (ALASUNBOUND-1.17-2025-006)

The version of unbound installed on the remote host is prior to 1.17.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2UNBOUND-1.17-2025-006 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS...

Debian dla-4365 : libunbound-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4365 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4365-1 [email protected] https://www.debian.org/lts/security/...