ZNC is vulnerable to denial of service. An attacker is able to crash the application using via a NULL pointer dereference vulnerability if echo-message is not enabled and there is no network.
github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8
github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001
lists.fedoraproject.org/archives/list/[email protected]/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/
lists.fedoraproject.org/archives/list/[email protected]/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/