Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| NLnet Labs | NSD | unaffected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
No data.
Project Subscriptions
No data.
No advisories yet.
Solution
This issue is fixed starting with version 4.14.3.
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12246.txt |
|
Thu, 25 Jun 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes. | |
| Title | Out of bounds stack write with crafted APL RR | |
| Weaknesses | CWE-120 CWE-20 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: NLnet Labs
Published:
Updated: 2026-06-25T05:24:29.512Z
Reserved: 2026-06-15T06:47:44.761Z
Link: CVE-2026-12246
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-25T08:00:15Z