AlmaLinux 9 : unbound (ALSA-2026:24369)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24369 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via...

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2026-1756)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1756 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CVE-2026-42923 Degradation of service with unbounded NSEC3 hash calculations

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

Fedora 43 : unbound (2025-16df491a66)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-16df491a66 advisory. Update to 1.24.1 - Enables DNS over QUIC server in unbound - Fix CVE-2025-11411, possible domain hijacking attack, reported by Yuxiao Wu, Yunyi Zhang, Baojun...

EUVD-2009-3979

Malware in sbrugna...

[SECURITY] [DLA 4280-1] unbound security update

Debian LTS Advisory DLA-4280-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin August 24, 2025 https://wiki.debian.org/LTS Package : unbound Version : 1.13.1-1+deb11u5 CVE ID : CVE-2024-33655 CVE-2025-5994 Debian Bug : 1109427 Vulnerabilities were found in unbound,...

DLA-4280-1 unbound - security update

Bulletin has no description...

RHSA-2025:12929 Red Hat Security Advisory: unbound security update

Bulletin has no description...

[SECURITY] Fedora 42 Update: unbound-1.23.1-1.fc42

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

RHSA-2025:8047 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:11170 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:11003 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:2696 Red Hat Security Advisory: unbound security update

Bulletin has no description...

PT-2024-5866 · Nlnet +5 · Unbound +5

Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A NULL pointer dereference flaw was found in the ub ctx set fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentatio...

SUSE CVE-2019-18934

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration...