Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2026-1756)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1756 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

CVE-2026-44390

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...

CVE-2026-42923 Degradation of service with unbounded NSEC3 hash calculations

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

Fedora 43 : unbound (2025-16df491a66)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-16df491a66 advisory. Update to 1.24.1 - Enables DNS over QUIC server in unbound - Fix CVE-2025-11411, possible domain hijacking attack, reported by Yuxiao Wu, Yunyi Zhang, Baojun...

EUVD-2009-3979

Malware in sbrugna...

[SECURITY] [DLA 4280-1] unbound security update

Debian LTS Advisory DLA-4280-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin August 24, 2025 https://wiki.debian.org/LTS Package : unbound Version : 1.13.1-1+deb11u5 CVE ID : CVE-2024-33655 CVE-2025-5994 Debian Bug : 1109427 Vulnerabilities were found in unbound,...

DLA-4280-1 unbound - security update

Bulletin has no description...

RHSA-2025:12929 Red Hat Security Advisory: unbound security update

Bulletin has no description...

[SECURITY] Fedora 42 Update: unbound-1.23.1-1.fc42

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

RHSA-2025:8047 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:11170 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:11003 Red Hat Security Advisory: unbound security update

Bulletin has no description...

RHSA-2024:2696 Red Hat Security Advisory: unbound security update

Bulletin has no description...

PT-2024-5866 · Nlnet +5 · Unbound +5

Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A NULL pointer dereference flaw was found in the ub ctx set fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentatio...

SUSE CVE-2019-18934

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration...

CVE-2022-3204

A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for...

PT-2022-6741 · Nlnet +8 · Unbound +8

Name of the Vulnerable Software and Affected Versions: Unbound versions prior to 1.16.3 Description: The issue is related to a Non-Responsive Delegation Attack NRDelegation Attack that affects various DNS resolving software, including Unbound. This attack involves a malicious delegation with a...