CVE-2026-10846
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk9th percentile - higher than 9% of all known CVEs
Summary
Versions of ldns from 1.2.0 to 1.9.0 have a vulnerability that allows off-path poisoning attacks. The issue is due to the lack of verification of the query destination address and port in the response, posing a risk to applications using ldns as a resolver.
Risk Assessment
Organizations using ldns in applications may be exposed to attacks that could lead to DNS response manipulation, potentially redirecting traffic to malicious servers.
Recommendation
It is recommended to update ldns to the latest version to mitigate the risk associated with this vulnerability and to implement additional DNS response verification mechanisms.
Original NVD description (English source)
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of the response. This makes applications, that use ldns for (stub) resolver functionality over UDP, vulnerable for off-path poisoning attacks. The drill tool, which is shipped with ldns, suffers from this vulnerability.

