6 matches found
CVE-2026-42944
A flaw was found in Unbound, a Domain Name System DNS resolver. A remote attacker could trigger a heap overflow by sending specially crafted DNS reply packets. This occurs when Unbound attempts to encode multiple Name Server Identifier NSID or Extension Mechanisms for DNS EDNS Cookie options, or...
unbound: Unbound domain hijacking via promiscuous records
A domain hijacking flaw has been discovered in NLNet Lab's Unbound project. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver'...
RHEL 8 : unbound (RHSA-2025:13577)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13577 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbound Cache poisoning...
The vulnerability of the cfg_mark_ports() function in the Unbound DNS server allows a attacker to cause service failure or unauthorized actions within the system.
The vulnerability of the cfgmarkports function in the Unbound DNS server is related to buffer overflow errors. Exploiting this vulnerability allows a remote attacker to cause service failures or unauthorized actions within the system...
The vulnerability of the dname_pkt_copy function in the DNS server Unbound, allowing a hacker to cause a service failure
The vulnerability of the dnamepktcopy function in the Unbound DNS server involves executing a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Unbound 安全漏洞
Unbound is a DNS resolver that supports validation, recursion, and caching features. An infinite loop vulnerability exists in dnamepktcopy in Unbound versions prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an infinite loop...