PT-2026-30803 · Erlang Solutions · Erlang/Otp

Raimo Niskanen · Published 2026-04-07 · Updated 2026-04-22 · CVE-2026-28810

CVSS v4.0: 6.3 (Medium)

Vector: AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions 17.0 through 28.4.2, as well as 27.3.4.10 and 26.2.5.19
Description: A predictable-number-generation issue in the inet_res and inet_db modules of the Erlang/OTP kernel application allows DNS cache poisoning. The built-in DNS resolver uses a sequential transaction ID for UDP queries and does not randomize the UDP source port. Reply validation relies heavily on this ID, so an attacker who can observe one query, or otherwise predict the next ID, can forge a DNS response that the resolver accepts. This is inconsistent with the recommendations of RFC 5452. The inet_res resolver is designed for trusted network environments and for use with trusted recursive resolvers. The affected source files are lib/kernel/src/inet_db.erl and lib/kernel/src/inet_res.erl.
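The following is an added example, not code from Erlang/OTP or from this advisory, that models why a sequential transaction ID on a fixed UDP port makes reply forgery cheap. Two toy resolvers hand out (transaction ID, source port) pairs, one sequential with a fixed port and one with both values randomized per query as RFC 5452 recommends; an off-path attacker who has observed a single query then sends a burst of forged replies for a later lookup, and the code measures how often one of them passes an ID-and-port check. The resolver classes, the fixed port 53053, the hostnames and the trial counts are all constructed for the example.

```python
"""
Constructed model of DNS reply forgery against a resolver that validates a UDP
reply only by (transaction ID, destination port). Not Erlang/OTP code.
"""
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Query:
    name: str
    txid: int   # 16-bit DNS message ID
    sport: int  # UDP source port the query was sent from; a reply must come back to it


class SequentialResolver:
    """Weak pattern: the ID increments by one per query and every query leaves
    from the same UDP port (the port number here is hypothetical)."""

    def __init__(self, rng):
        self._next_id = rng.randrange(1 << 16)  # a random start does not help: the step is known
        self._port = 53053

    def query(self, name):
        q = Query(name, self._next_id, self._port)
        self._next_id = (self._next_id + 1) & 0xFFFF
        return q


class RandomizedResolver:
    """RFC 5452 pattern: fresh unpredictable ID and ephemeral source port per query."""

    def __init__(self, rng):
        self._rng = rng

    def query(self, name):
        return Query(name, self._rng.randrange(1 << 16), self._rng.randrange(1024, 1 << 16))


def reply_accepted(q, reply_id, reply_dport):
    """Acceptance check of a resolver that validates only the ID and the port."""
    return reply_id == q.txid and reply_dport == q.sport


def forged_burst(observed, size):
    """Off-path attacker's guesses after seeing one query: the next `size` IDs,
    all aimed at the port the observed query used."""
    return [((observed.txid + k) & 0xFFFF, observed.sport) for k in range(1, size + 1)]


def forgery_success_rate(resolver_cls, intervening, burst_size, trials=500, seed=0):
    """Fraction of trials in which at least one forged reply in the burst is
    accepted for the target lookup, with `intervening` unrelated lookups made
    between the query the attacker observed and the query being poisoned."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        resolver = resolver_cls(rng)
        observed = resolver.query("probe.example")      # attacker triggers and sees this one
        for i in range(intervening):
            resolver.query(f"other{i}.example")         # traffic the attacker does not see
        target = resolver.query("target.example")       # the lookup to be poisoned
        if any(reply_accepted(target, rid, port)
               for rid, port in forged_burst(observed, burst_size)):
            hits += 1
    return hits / trials


if __name__ == "__main__":
    for cls in (SequentialResolver, RandomizedResolver):
        print(f"{cls.__name__:19s} next query, 1 forged packet:    "
              f"{forgery_success_rate(cls, 0, 1):.3f}")
        print(f"{cls.__name__:19s} 5 lookups later, 8 forged pkts: "
              f"{forgery_success_rate(cls, 5, 8):.3f}")
```

With the sequential resolver a single forged packet wins every time once one query has been observed, and a small burst still wins when a few unrelated lookups happen in between, because the attacker only needs to cover a short window of IDs on a known port. With a random ID and a random port the same burst has to hit one pair out of roughly 2^16 × 64,000, which is why the advisory's recommendation is to keep the resolver where such observation and injection are not possible rather than to rely on the ID check.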
Recommendations: Deploy Erlang nodes in a trusted network that firewalls protect from DNS reply spoofing, and configure the inet_res resolver to communicate only with trusted recursive name servers inside that network.

Fix

Weakness Enumeration

Related Identifiers

CVE-2026-28810
GHSA-V884-5JG5-WHJ8
OPENSUSE-SU-2026:20607-1

Affected Products

Erlang/Otp