You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-42923
About this tag
CVE-2026-42923 is a medium-severity degradation-of-service vulnerability in NLnet Labs Unbound, disclosed in May 2026. The flaw involves DNSSEC NSEC3 hash loops that can cause excessive hash calculations, degrading resolver availability under attacker-controlled conditions. It affects Unbound through version 1.25.0. While not a remote code execution or credential theft bug, it is an infrastructure weakness that can reduce DNS resolver performance. Windows administrators running Unbound should apply the fix to prevent operational impact. The tag covers discussions of the vulnerability, its DNSSEC validation mechanics, and remediation steps for Windows environments.
Microsoft has listed CVE-2026-42923, disclosed on May 20, 2026, as a degradation-of-service flaw in NLnet Labs Unbound, where vulnerable DNSSEC validation can spend excessive time on NSEC3 hash calculations and intermittently reduce resolver availability under attacker-controlled conditions. The...
CVE-2026-42923 is a medium-severity DNSSEC validation flaw disclosed in May 2026 affecting NLnet Labs Unbound through version 1.25.0, where specially crafted NSEC3 records can force excessive hash calculations and degrade resolver availability over the network. It is not the sort of bug that...