Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| NLnet Labs | NSD | unaffected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
No data.
Project Subscriptions
No data.
No advisories yet.
Solution
This issue is fixed starting with version 4.14.3.
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12245.txt |
|
Thu, 25 Jun 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response. | |
| Title | Denial of DNS over TLS service by any DoT client | |
| Weaknesses | CWE-416 | |
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: NLnet Labs
Published:
Updated: 2026-06-25T05:24:18.620Z
Reserved: 2026-06-15T06:47:18.496Z
Link: CVE-2026-12245
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-25T07:30:17Z