CVE-2026-4893

MEDIUM

dnsmasq < 2.92rel2 - Information Disclosure via RFC 7871 Client Subnet Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-4893. PoCs published by lottiedeyan.

AI-analyzed exploit summary This repository contains a functional PoC exploit for CVE-2026-4893, targeting a DNS cache poisoning vulnerability in dnsmasq. The exploit sets up a fake upstream DNS server that sends crafted responses with mismatched EDNS Client Subnet (ECS) options to trigger the vulnerability.

Description

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information.

Exploits (1)

github WORKING POC
by lottiedeyan · pythonpoc
https://github.com/lottiedeyan/CVE20264893poc

This repository contains a functional PoC exploit for CVE-2026-4893, targeting a DNS cache poisoning vulnerability in dnsmasq. The exploit sets up a fake upstream DNS server that sends crafted responses with mismatched EDNS Client Subnet (ECS) options to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: dnsmasq (version not specified)
No auth needed
Prerequisites: dnsmasq configured with specific settings (port, upstream server, etc.) · network access to the target dnsmasq instance
devstral-2 · analyzed May 27, 2026 Full analysis →

References (7)

Core 7

Scores

CVSS v3 5.3
EPSS 0.0003
EPSS Percentile 9.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

Status published
Products (3)
dnsmasq/dnsmasq < 2.92rel2
dnsmasq/dnsmasq 2.92rel2
dnsmasq/dnsmasq 2.93
Published May 11, 2026
Tracked Since May 11, 2026