NLNET Labs has released version 4.14.3 of the Name Server Daemon (NSD) to address four critical security vulnerabilities. These vulnerabilities, identified as CVE-2026-12244, CVE-2026-12245, CVE-2026-12246, and CVE-2026-12490, have high severity scores (up to 8.8) and could lead to heap overflows and denial-of-service attacks. Patches are available and must be applied immediately as no confirmed exploitation has been reported yet.
Administrators are urged to upgrade from versions 4.13.0 to 4.14.2 to ensure system stability and secure DNS operations. Malicious actors could exploit these vulnerabilities, resulting in unauthorized access or disruptions in DNS services.