CVE-2026-2291

HIGH

dnsmasq < 2.93 and < 2.92rel2 - Heap Buffer Overflow in extract_name()

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-2291. PoCs published by JianrongXiao-Linksys.

AI-analyzed exploit summary This repository contains functional exploit code for multiple dnsmasq CVEs, including CVE-2026-2291, with tools to test and trigger vulnerabilities via crafted DNS responses. It includes a malicious DNS server, remote scanner, and on-device verification script.

Description

dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

Exploits (1)

github WORKING POC
by JianrongXiao-Linksys · pythonpoc
https://github.com/JianrongXiao-Linksys/dnsmasq-cve-2026

This repository contains functional exploit code for multiple dnsmasq CVEs, including CVE-2026-2291, with tools to test and trigger vulnerabilities via crafted DNS responses. It includes a malicious DNS server, remote scanner, and on-device verification script.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: dnsmasq < 2.92rel2
No auth needed
Prerequisites: Network access to target dnsmasq instance · Ability to configure upstream DNS on target
devstral-2 · analyzed Jun 01, 2026 Full analysis →

References (8)

Core 8

Scores

CVSS v3 7.3
EPSS 0.0008
EPSS Percentile 24.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (3)
dnsmasq/dnsmasq < 2.92rel2
dnsmasq/dnsmasq 2.92rel2
dnsmasq/dnsmasq 2.93
Published May 11, 2026
Tracked Since May 11, 2026