MNBSD-2026-14: Vulnerability in unbound DNS

Severity: Unknown

Affected Package: unbound

Summary: Vulnerability in unbound DNS

Description

Additional fix for CVE-2025-11411 (possible domain hijacking attack), to include YXDOMAIN and non-referral nodata answers in the mitigation as well, reported by TaoFei Guo from Peking University, Yang Luo and JianJun Chen from Tsinghua University.

Affected Versions

unbound

Specific versions:

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2025-11411

Published: May 21, 2026
Last Modified: May 21, 2026