MNBSD-2026-50: parsing a long list of incoming EDNS options degrades performance

Severity: Unknown

Affected Package: unbound

Summary: parsing a long list of incoming EDNS options degrades performance

Description

Parsing a long list of incoming EDNS options degrades performance, enabling a Denial of Service. Reported by GitHub user N0zoM1z0 and Qifan Zhang, Palo Alto Networks.

Affected Versions

unbound

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2026-41292

Published: June 11, 2026
Last Modified: June 11, 2026