Known Vulnerabilities for products from Nlnetlabs

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nlnetlabs".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-49235 json When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes. Not Provided 2026-06-08 2026-06-12
CVE-2026-49234 json When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinato... Not Provided 2026-06-08 2026-06-12
CVE-2026-49233 json Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the... Not Provided 2026-06-08 2026-06-12
CVE-2026-44608 json NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain cond... Not Provided 2026-05-20 2026-05-20
CVE-2026-44390 json NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that U... Not Provided 2026-05-20 2026-05-20
CVE-2026-42960 json NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority se... Not Provided 2026-05-20 2026-05-20
CVE-2026-42959 json NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can ... Not Provided 2026-05-20 2026-05-20
CVE-2026-42944 json NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding ... Not Provided 2026-05-20 2026-05-20
CVE-2026-42923 json NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to cons... Not Provided 2026-05-20 2026-05-20
CVE-2026-42534 json NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose a... Not Provided 2026-05-20 2026-05-20
CVE-2026-41292 json NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing lon... Not Provided 2026-05-20 2026-05-20
CVE-2026-40622 json NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attack... Not Provided 2026-05-20 2026-05-26
CVE-2026-33278 json NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial ... Not Provided 2026-05-20 2026-05-20
CVE-2026-32792 json NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt... Not Provided 2026-05-20 2026-05-20
CVE-2023-39916 json NLnet Labs’ Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, o... 6.5 - MEDIUM 2023-09-13 2023-09-19
CVE-2023-39915 json NLnet Labs’ Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. Th... 7.5 - HIGH 2023-09-13 2023-09-15
CVE-2023-39914 json NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than re... 7.5 - HIGH 2023-09-13 2023-09-15
CVE-2023-0158 json NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoin... 7.5 - HIGH 2023-01-17 2023-01-24
CVE-2022-30699 json NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The... 6.5 - MEDIUM 2022-08-01 2023-11-07
CVE-2022-30698 json NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The ... 6.5 - MEDIUM 2022-08-01 2023-11-07
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Nlnetlabs

Type Vendor Product Version
ApplicationNlnetlabsLdns0.50
ApplicationNlnetlabsName Server Daemon1.0.2
ApplicationNlnetlabsNsd3.0.0
ApplicationNlnetlabsRoutinator0.1.0
ApplicationNlnetlabsUnbound-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report