VYPR
High severity7.3NVD Advisory· Published May 11, 2026· Updated May 13, 2026

CVE-2026-2291

CVE-2026-2291

Description

dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

7

News mentions

1