VYPR
High severity7.3NVD Advisory· Published May 11, 2026· Updated May 13, 2026

CVE-2026-5172

CVE-2026-5172

Description

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

6

News mentions

2