Home

Description

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data structures for the options. Coordinated attacks can result in degradation and/or denial of service. Unbound 1.25.1 contains a patch with a fix to limit acceptable incoming EDNS options (100).

PUBLISHED Reserved 2026-05-07 | Published 2026-05-20 | Updated 2026-05-20 | Assigner NLnet Labs




MEDIUM: 6.6CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Red

Problem types

CWE-407: Inefficient Algorithmic Complexity

CWE-770: Allocation of Resources Without Limits or Throttling

Product status

Default status
unaffected

Any version before 1.25.1
affected

Timeline

2026-01-11:Issue reported by N0zoM1z0
2026-01-12:NLnet Labs shares patch
2026-01-13:N0zoM1z0 verifies patch
2026-04-26:Issue also reported by Qifan Zhang
2026-04-28:NLnet Labs shares same patch
2026-04-29:Qifan Zhang verifies patch
2026-05-20:Fixes released with version 1.25.1

Credits

GitHub user N0zoM1z0 finder

Qifan Zhang (Palo Alto Networks) finder

References

www.nlnetlabs.nl/downloads/unbound/CVE-2026-41292.txt vendor-advisory

cve.org (CVE-2026-41292)

nvd.nist.gov (CVE-2026-41292)

Download JSON