Medium severity5.3NVD Advisory· Published May 11, 2026· Updated May 12, 2026
CVE-2026-4891
CVE-2026-4891
Description
A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- osv-coords9 versionspkg:apk/chainguard/dnsmasqpkg:apk/chainguard/dnsmasq-docpkg:apk/wolfi/dnsmasqpkg:apk/wolfi/dnsmasq-docpkg:rpm/almalinux/dnsmasqpkg:rpm/almalinux/dnsmasq-utilspkg:rpm/opensuse/dnsmasq&distro=openSUSE%20Tumbleweedpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/dnsmasq&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 2.93-r0+ 8 more
- (no CPE)range: < 2.93-r0
- (no CPE)range: < 2.93-r0
- (no CPE)range: < 2.93-r0
- (no CPE)range: < 2.93-r0
- (no CPE)range: < 2.90-7.el10_2
- (no CPE)range: < 2.90-7.el10_2
- (no CPE)range: < 2.92rel2-1.1
- (no CPE)range: < 2.92rel2-18.27.1
- (no CPE)range: < 2.92rel2-18.27.1
Patches
Vulnerability mechanics
References
6News mentions
2- OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security FlawsThe Hacker News · Jun 23, 2026
- ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and MoreThe Hacker News · May 18, 2026