DoQ Forwarding Vulnerability in AdGuard Home by AdGuard
CVE-2026-47703

6.3MEDIUM

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-47703?

AdGuard Home, a software designed for comprehensive ad and tracking blocking, experienced a vulnerability in its DoQ forwarding mechanism prior to version 0.107.75. This flaw led to an exposure that allowed DNS requests to generate a state that weakened response matching for forwarded queries by creating conditions where dns_id=0 or txid=0 was possible. As a result, an attacker could exploit this to input malicious UDP packets, thereby impacting the integrity of DNS queries. This vulnerability has been addressed in version 0.107.75, enhancing the security of DNS response handling.

Affected Version(s)

AdGuardHome < 0.107.75

References

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.