cbcvebase.
CVE-2026-41292
published 2026-05-20

CVE-2026-41292: NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.56%
42.2th percentile
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data structures for the options. Coordinated attacks can result in degradation and/or denial of service. Unbound 1.25.1 contains a patch with a fix to limit acceptable incoming EDNS options (100).

Affected

8 ranges
VendorProductVersion rangeFixed in
nlnet_labsunbound< 1.25.11.25.1
nlnetlabsunbound< 1.25.11.25.1
nlnetlabsunbound
rhoso-operatorsdesignate-rhel9-operator
rhosoopenstack-unbound-rhel9
rhosp-rhel8-tech-previewopenstack-unbound
rhosp-rhel9openstack-unbound
ubuntuunbound

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv4.06.6MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
vendor_redhat7.5HIGH
vendor_ubuntu4.6MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.