Vulnerabilities

CVE-2026-2291

by Fred · 11/05/2026

dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

More information : https://github.com/NixOS/nixpkgs/pull/519082

Similar

Tags: Cybersecurity Alert