CRITICAL10.0CVE-2026-42960NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. from 0, < 1.25.1-r0
CRITICAL9.8CVE-2026-33278NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and… from 0, < 1.25.1-r0
HIGH7.5CVE-2026-42959NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a cras… from 0, < 1.25.1-r0
HIGH7.5NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID…
from 0, < 1.25.1-r0
HIGH7.5NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of inc…
from 0, < 1.25.1-r0
HIGH7.5NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could e…
from 0, < 1.25.1-r0
HIGH7.5unbound - security update
from 0, < 1.20.0-r0
HIGH7.5NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain…
from 0, < 1.19.2-r0
HIGH7.5The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a de…
from 0, < 1.19.1-r0
HIGH7.5pdns-recursor - security update
from 0, < 1.19.1-r0
HIGH7.5A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software.
from 0, < 1.16.3-r0
HIGH7.5Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
from 0, < 1.9.1-r8
HIGH7.5unbound - security update
from 0, < 1.9.1-r8
HIGH7.5unbound - security update
from 0, < 1.9.1-r3
HIGH7.3Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially cra…
from 0, < 1.9.1-r4
MEDIUM6.5NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack.
from 0, < 1.16.2-r0
MEDIUM6.5NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack.
from 0, < 1.16.2-r0
MEDIUM5.9NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met…
from 0, < 1.25.1-r0
MEDIUM5.3NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs t…
from 0, < 1.25.1-r0
MEDIUM5.3NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negati…
from 0, < 1.25.1-r0
MEDIUM5.3NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade res…
from 0, < 1.25.1-r0
MEDIUM5.3NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--e…
from 0, < 0
MEDIUM5.3unbound - security update
from 0, < 1.20.0-r1
—unbound - security update
from 0, < 1.20.0-r2
—A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Su…
from 0, < 1.20.0-r2