Cache Poisoning

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-28810 MEDIUM PATCH This Month

Erlang/OTP kernel inet_res DNS resolver uses predictable sequential transaction IDs and lacks source port randomization, enabling DNS cache poisoning attacks against systems relying on this resolver in untrusted network environments. Affects OTP 17.0 through 28.4.2 (and specific patch versions 27.3.4.10, 26.2.5.19); unauthenticated remote attackers who can observe or predict DNS query patterns can forge DNS responses to redirect traffic or execute man-in-the-middle attacks. Vendor-released patches available; no public exploit code or active exploitation confirmed.

Dns Cache Poisoning Otp
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-28810
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Erlang/OTP kernel inet_res DNS resolver uses predictable sequential transaction IDs and lacks source port randomization, enabling DNS cache poisoning attacks against systems relying on this resolver in untrusted network environments. Affects OTP 17.0 through 28.4.2 (and specific patch versions 27.3.4.10, 26.2.5.19); unauthenticated remote attackers who can observe or predict DNS query patterns can forge DNS responses to redirect traffic or execute man-in-the-middle attacks. Vendor-released patches available; no public exploit code or active exploitation confirmed.

Dns Cache Poisoning Otp
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy