CVE-2025-11411

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions up to and including 1.24.0

Description Unbound is susceptible to domain hijack attacks through the manipulation of DNS responses. Specifically, maliciously crafted NS Resource Record Sets (RRSets) included in replies can cause the resolver to update its delegation information, potentially leading to a zone transfer. An attacker could exploit this by injecting NS RRSets, possibly through packet spoofing or fragmentation attacks, causing Unbound to update its existing NS RRSet data due to the perceived trustworthiness of the injected information.

Recommendations Update to version 1.24.1 or later.