CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-45674

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.0%

CVSS Severity

CVSS v3 Score 8.7

References

https://github.com/netty/netty/releases/tag/netty-4.1.135.Final
https://github.com/netty/netty/releases/tag/netty-4.2.15.Final
https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-45674

Products

Pricing

Contact Us