CVE-2026-1678
published 2026-03-05CVE-2026-1678: dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the…
PriorityP353critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.38%
29.4th percentile
dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled (default), a malicious DNS response can trigger an out-of-bounds write when CONFIG_DNS_RESOLVER is enabled.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zephyrproject-rtos | zephyr | * – 4.3 | — |
| zephyrproject | zephyr | <= 4.3.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
Checkpoint
25th January – Threat Intelligence Report
blogs_checkpoint·2021-01-25
CVE-2021-1678 25th January – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 25th January – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 25th January, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
The CHwapi hospital in Belgium has been hit by BitLocker, encrypting 40 of its servers and 100 TB of data. The attack caused the hospital to redirect patients and delay surgical procedures.
Check Point SandBlast Agent provides protection against this threat
Cybersecurity firm SonicWall has suffered an attack on its inte
Wiz
CVE-2026-1678 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.4
CVE-2026-1678 [CRITICAL] CVE-2026-1678 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-1678 :
NixOS vulnerability analysis and mitigation
dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled (default), a malicious DNS response can trigger an out-of-bounds write when CONFIG_DNS_RESOLVER is enabled.
Source : NVD
## 9.8
Score
Published March 5, 2026
Severity CRITICAL
CNA Score 9.4
Affected Technologies
NixOS
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 18.2
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
zephyr
Sources
NVD
Nix Severity CRITICAL No Fix Ad
2026-03-05
Published