vulnerability context

CVE-2026-12246

CWE-20OTX 1 pulse

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes.

Published 2026-06-25 · last modified 2026-06-25

details

CISA KEV status: Not in catalog
CWE: CWE-20
OTX pulses: 1 total, 0 recent

View on NVD → · cve.org

source mentions 2

Several vulnerabilities were found in NLnet Labs NSDoss-security · 1h ago
USN-8474-1: NSD vulnerabilitiesUbuntu Security Notices · 6h ago

source consensus

oss-security1×
Ubuntu Security Notices1×

Want the 3-bullet summary of CVE-2026-12246, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →