CVE-2026-4891

Description

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

References

• https://thekelleys.org.uk/dnsmasq/
• https://www.kb.cert.org/vuls/id/471747