You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 11411
About this tag
CVE-2025-11411 is a critical cache-poisoning vulnerability in the Unbound DNS resolver, disclosed by NLnet Labs. It allows crafted DNS responses with promiscuous NS resource record sets in the authority section to poison delegation data, potentially enabling domain hijacking of non-DNSSEC zones. An emergency patch was released in Unbound version 1.2 to address this issue. On WindowsForum.com, discussions cover the technical details of the vulnerability, its impact on DNS security, and steps to apply the patch. The tag is relevant for IT professionals and system administrators managing Unbound on Windows or other platforms who need to understand and mitigate this DNS delegation poisoning threat.
NLnet Labs has released an emergency patch for Unbound after researchers disclosed CVE-2025-11411, a cache‑poisoning class vulnerability that lets crafted responses carrying promiscuous NS resource record sets (RRSets) in the DNS authority section trick resolvers into updating delegation data —...