CVE-2026-42960

Source
https://cve.org/CVERecord?id=CVE-2026-42960
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-42960.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-42960
Published
2026-05-20T10:16:28.037Z
Modified
2026-06-06T07:44:12.178858454Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Summary
[none]
Details

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to cache poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound into caching such records. An adversary who is able to attach such records to a reply (for instance via a spoofed packet or a fragmentation attack) would be able to poison Unbound's cache. A malicious actor can exploit the possible poisoning effect by injecting RRSets other than NS that are also accompanied by address records in a reply, for example MX. This could be achieved by trying to spoof a reply packet or through fragmentation attacks. Unbound would then accept the related address records in the additional section and cache them if the authority RRSet has enough trust at this point, i.e., in-zone data for the delegation point. Unbound 1.25.1 contains a patch with a fix that disregards address records from the additional section if they are not explicitly relevant only to authority NS records, mitigating the possible poisoning effect. This fix complements the fix for CVE-2025-11411.

Affected packages

Git / github.com/nlnetlabs/unbound

Affected ranges

Type
GIT
Repo
https://github.com/nlnetlabs/unbound
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.25.1"
        }
    ],
    "cpe": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*",
    "source": "CPE_RANGE"
}

Affected versions

1.*
1.11.0rc1
Other
final-svn-state
release-0.*
release-0.0
release-0.1
release-0.10
release-0.11
release-0.3
release-0.4
release-0.5
release-0.6
release-0.7
release-0.8
release-1.*
release-1.0.1
release-1.1.1
release-1.10.0rc1
release-1.10.0rc2
release-1.11.0
release-1.11.0rc1
release-1.12.0
release-1.12.0rc1
release-1.13.0rc1
release-1.13.0rc2
release-1.13.0rc3
release-1.13.0rc4
release-1.13.1
release-1.13.1rc1
release-1.13.1rc2
release-1.13.2
release-1.13.2rc1
release-1.14.0
release-1.14.0rc1
release-1.15.0
release-1.15.0rc1
release-1.16.0
release-1.16.0rc1
release-1.16.1
release-1.16.1rc1
release-1.16.2
release-1.18.0
release-1.18.0rc1
release-1.19.0
release-1.19.0rc1
release-1.19.3rc1
release-1.20.0
release-1.20.0rc1
release-1.21.0
release-1.21.0rc1
release-1.22.0
release-1.22.0rc1
release-1.23.0rc1
release-1.24.0
release-1.24.0rc1
release-1.25.0
release-1.25.0rc1
release-1.3.1
release-1.3.2
release-1.3.3
release-1.3.3rc1
release-1.4.0
release-1.4.0rc1
release-1.4.1
release-1.4.11
release-1.4.11rc1
release-1.4.11rc2
release-1.4.11rc3
release-1.4.12rc1
release-1.4.13
release-1.4.13rc1
release-1.4.13rc2
release-1.4.14
release-1.4.14rc1
release-1.4.17
release-1.4.17rc1
release-1.4.18rc1
release-1.4.18rc2
release-1.4.19
release-1.4.19rc1
release-1.4.2
release-1.4.20
release-1.4.22
release-1.4.22rc1
release-1.4.3
release-1.4.4
release-1.4.4rc1
release-1.4.5
release-1.4.5rc1
release-1.4.6
release-1.4.6rc1
release-1.4.7
release-1.4.7rc1
release-1.4.8rc1
release-1.4.9
release-1.4.9rc1
release-1.5.0rc1
release-1.5.1
release-1.5.10
release-1.5.10rc1
release-1.5.1rc1
release-1.5.1rc2
release-1.5.2
release-1.5.2rc1
release-1.5.3rc1
release-1.5.4
release-1.5.4rc1
release-1.5.5
release-1.5.5rc1
release-1.5.6
release-1.5.6rc1
release-1.5.7
release-1.5.8
release-1.5.8rc1
release-1.5.9rc1
release-1.6.0rc1
release-1.6.1rc1
release-1.6.1rc2
release-1.6.1rc3
release-1.6.2rc1
release-1.6.4rc1
release-1.6.4rc2
release-1.6.6rc1
release-1.6.6rc2
release-1.6.7
release-1.6.7rc1
release-1.7.0rc1
release-1.7.0rc2
release-1.7.0rc3
release-1.7.1rc1
release-1.7.2rc1
release-1.7.3rc1
release-1.8.0rc1
release-1.8.1rc1
release-1.8.2rc1
release-1.9.0rc1
release-1.9.1rc1
release-1.9.2
release-1.9.2rc1
release-1.9.2rc2
release-1.9.2rc3
release-1.9.3
release-1.9.3rc1
release-1.9.3rc2
release-1.9.6
release-1.9.6rc1

Database specific

vanir_signatures
[
    {
        "digest": {
            "function_hash": "26148135886169857913239956572075736548",
            "length": 1502.0
        },
        "id": "CVE-2026-42960-7cb89fac",
        "signature_version": "v1",
        "target": {
            "file": "services/rpz.c",
            "function": "rpz_callback_from_iterator_module"
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/nlnetlabs/unbound/commit/75b6dba593d4fff000434cd64807c6ebd50bd244"
    },
    {
        "digest": {
            "threshold": 0.9
        },
        "id": "CVE-2026-42960-a3b17d2e",
        "signature_version": "v1",
        "target": {
            "file": "services/rpz.c"
        },
        "deprecated": false,
        "source": "https://github.com/nlnetlabs/unbound/commit/75b6dba593d4fff000434cd64807c6ebd50bd244",
        "signature_type": "Line"
    }
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-42960.json"
vanir_signatures_modified
"2026-06-02T08:21:46Z"