CVE-2026-41292

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-41292
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41292.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-41292
Downstream
Related
Published
2026-05-20T10:16:27.327Z
Modified
2026-06-06T07:44:12.748010629Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data structures for the options. Coordinated attacks can result in degradation and/or denial of service. Unbound 1.25.1 contains a patch with a fix to limit acceptable incoming EDNS options (100).

References

Affected packages

Git / github.com/nlnetlabs/unbound

Affected ranges

Type
GIT
Repo
https://github.com/nlnetlabs/unbound
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
75b6dba593d4fff000434cd64807c6ebd50bd244
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.25.1"
        }
    ],
    "cpe": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE"
}

Affected versions

1.*
1.11.0rc1
Other
final-svn-state
release-0.*
release-0.0
release-0.1
release-0.10
release-0.11
release-0.3
release-0.4
release-0.5
release-0.6
release-0.7
release-0.8
release-1.*
release-1.0.1
release-1.1.1
release-1.10.0rc1
release-1.10.0rc2
release-1.11.0
release-1.11.0rc1
release-1.12.0
release-1.12.0rc1
release-1.13.0rc1
release-1.13.0rc2
release-1.13.0rc3
release-1.13.0rc4
release-1.13.1
release-1.13.1rc1
release-1.13.1rc2
release-1.13.2
release-1.13.2rc1
release-1.14.0
release-1.14.0rc1
release-1.15.0
release-1.15.0rc1
release-1.16.0
release-1.16.0rc1
release-1.16.1
release-1.16.1rc1
release-1.16.2
release-1.18.0
release-1.18.0rc1
release-1.19.0
release-1.19.0rc1
release-1.19.3rc1
release-1.20.0
release-1.20.0rc1
release-1.21.0
release-1.21.0rc1
release-1.22.0
release-1.22.0rc1
release-1.23.0rc1
release-1.24.0
release-1.24.0rc1
release-1.25.0
release-1.25.0rc1
release-1.3.1
release-1.3.2
release-1.3.3
release-1.3.3rc1
release-1.4.0
release-1.4.0rc1
release-1.4.1
release-1.4.11
release-1.4.11rc1
release-1.4.11rc2
release-1.4.11rc3
release-1.4.12rc1
release-1.4.13
release-1.4.13rc1
release-1.4.13rc2
release-1.4.14
release-1.4.14rc1
release-1.4.17
release-1.4.17rc1
release-1.4.18rc1
release-1.4.18rc2
release-1.4.19
release-1.4.19rc1
release-1.4.2
release-1.4.20
release-1.4.22
release-1.4.22rc1
release-1.4.3
release-1.4.4
release-1.4.4rc1
release-1.4.5
release-1.4.5rc1
release-1.4.6
release-1.4.6rc1
release-1.4.7
release-1.4.7rc1
release-1.4.8rc1
release-1.4.9
release-1.4.9rc1
release-1.5.0rc1
release-1.5.1
release-1.5.10
release-1.5.10rc1
release-1.5.1rc1
release-1.5.1rc2
release-1.5.2
release-1.5.2rc1
release-1.5.3rc1
release-1.5.4
release-1.5.4rc1
release-1.5.5
release-1.5.5rc1
release-1.5.6
release-1.5.6rc1
release-1.5.7
release-1.5.8
release-1.5.8rc1
release-1.5.9rc1
release-1.6.0rc1
release-1.6.1rc1
release-1.6.1rc2
release-1.6.1rc3
release-1.6.2rc1
release-1.6.4rc1
release-1.6.4rc2
release-1.6.6rc1
release-1.6.6rc2
release-1.6.7
release-1.6.7rc1
release-1.7.0rc1
release-1.7.0rc2
release-1.7.0rc3
release-1.7.1rc1
release-1.7.2rc1
release-1.7.3rc1
release-1.8.0rc1
release-1.8.1rc1
release-1.8.2rc1
release-1.9.0rc1
release-1.9.1rc1
release-1.9.2
release-1.9.2rc1
release-1.9.2rc2
release-1.9.2rc3
release-1.9.3
release-1.9.3rc1
release-1.9.3rc2
release-1.9.6
release-1.9.6rc1

Database specific

vanir_signatures 
[
    {
        "digest": {
            "function_hash": "26148135886169857913239956572075736548",
            "length": 1502.0
        },
        "id": "CVE-2026-41292-7cb89fac",
        "signature_version": "v1",
        "target": {
            "file": "services/rpz.c",
            "function": "rpz_callback_from_iterator_module"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/nlnetlabs/unbound/commit/75b6dba593d4fff000434cd64807c6ebd50bd244"
    },
    {
        "digest": {
            "line_hashes": [
                "108481287081154918060659085654141150584",
                "73953166938600086918224773195867549742",
                "15251087855327528788980657535362970158",
                "48532896601082718174781974683716349061",
                "287248990686482337183326495344180868363",
                "112058947495561481565691171486557666856",
                "238258467286774268681997190612827183971",
                "126648031849056156900266153546629664662",
                "335401097143186200364020904286165936708",
                "336096779053276656395004922884987906159",
                "248876396313049466881138460638611830858",
                "293135123655960925553682804594622081358",
                "298612071867479354827766089224387452786",
                "217265304546593372824910550975155656654",
                "13292601781282786772501437491204364169",
                "281286782737850123600796590480125479595",
                "74511316679551775089931390035715335201",
                "161066344018382590627892027575409612852",
                "226343512543910522766563315515650712879"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2026-41292-a3b17d2e",
        "signature_version": "v1",
        "target": {
            "file": "services/rpz.c"
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/nlnetlabs/unbound/commit/75b6dba593d4fff000434cd64807c6ebd50bd244"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41292.json"
vanir_signatures_modified 
"2026-05-31T03:35:35Z"