You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
unbound cve
About this tag
The unbound cve tag covers security vulnerabilities in the Unbound DNS resolver, particularly CVE-2026-40622 disclosed by NLnet Labs. This medium-severity flaw affects Unbound versions 1.16.2 through 1.25.0, allowing revoked ghost domain names to persist in the resolver cache under specific attacker-controlled DNS conditions. While not a Microsoft Windows vulnerability, it is relevant to Windows networks because DNS is a critical dependency for enterprise control planes. The tag highlights how cache correctness impacts security, emphasizing that even after revocation, a supposedly dead domain can continue to resolve. Discussions focus on the practical implications for network administrators and the importance of updating to Unbound 1.25.1 to mitigate the issue.
NLnet Labs disclosed CVE-2026-40622 on May 20, 2026, as a medium-severity flaw in Unbound versions 1.16.2 through 1.25.0 that can extend the life of revoked “ghost” domain names in resolver cache under specific attacker-controlled DNS conditions. The bug is not a Microsoft Windows vulnerability...