DNS Cache Poisoning Vulnerability in Netty Framework
CVE-2026-47691

8.7HIGH

Key Information:

Vendor

Netty

Status
Vendor
CVE Published:
12 June 2026

What is CVE-2026-47691?

The Netty Framework, a popular network application toolkit, contains a vulnerability in the DnsResolveContext that allows for DNS Cache Poisoning. This occurs due to insufficient validation of NS records, potentially allowing an attacker to manipulate DNS resolutions for parent domains by exploiting an authoritative name server for a subdomain. The vulnerability enables attackers to forge cache entries for parent domains, adversely affecting the integrity of domain name resolution. Versions 4.1.135.Final and 4.2.15.Final address this issue, safeguarding systems from such malicious activities.

Affected Version(s)

netty >= 4.2.0.Final, < 4.2.15.Final < 4.2.0.Final, 4.2.15.Final

netty < 4.1.135.Final < 4.1.135.Final

References

CVSS V3.1

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.