Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/10 6:37 a.m.40 views

CVE-2026-10846 Insufficient verification that responses belong to a query

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS0.00147EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 6:37 a.m.37 views

CVE-2026-10846

CVE-2026-10846 affects nlnts ldns used as a stub resolver over UDP. FreeBSD advisories confirm that ldns failed to verify response provenance (source IP/port, transaction ID, and question matching), enabling off‑path spoofing of UDP responses and arbitrary data delivery to programs using ldns (e....

8.2CVSS5.4AI score0.00147EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/10 6:37 a.m.7 views

CVE-2026-10846

NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...

8.2CVSS5.8AI score0.00147EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

NLnet Labs ldns 访问控制错误漏洞

NLnet Labs ldns is a DNS library developed by the Nlnet Foundation in the Netherlands, designed for easy programming of DNS tools. Versions 1.2.0 to 1.9.0 of NLnet Labs ldns contain access control vulnerability issues. This vulnerability arises from the fact that when used as a UDP resolver, the...

8.2CVSS5.3AI score0.00147EPSS
Exploits0References1
Rows per page
Query Builder