Skip to main content

DNS CVE-2026-27831

HIGH
Out-of-bounds Read (CWE-125)
2026-02-26 security-advisories@github.com
Denial Of Service Heap Overflow DNS
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 26, 2026 - 01:16 nvd
HIGH 7.5

DescriptionNVD

rldns is an open source DNS server. Version 1.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.

AnalysisAI

Heap buffer over-read vulnerability in rldns DNS server version 1.3 allows remote attackers to trigger denial of service without authentication or user interaction. The flaw enables reading beyond allocated memory boundaries, causing the service to crash. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Audit all systems running rldns v1.3 and document their criticality and dependency relationships. Within 7 days: Implement network segmentation to restrict DNS query sources, deploy query rate limiting, and enable detailed logging on affected systems for attack detection. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-27831 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy