CVE-2026-1425
Unknown Unknown - Not Provided
Stack-Based Buffer Overflow in pymumu SmartDNS SVBC Parser

Publication date: 2026-01-26

Last updated on: 2026-02-23

Assigner: VulDB

Description
A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The patch is identified as 2d57c4b4e1add9b4537aeb403f794a084727e1c8. Applying a patch is advised to resolve this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-26
Last Modified
2026-02-23
Generated
2026-06-16
AI Q&A
2026-01-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1425
EUVD
EUVD-2026-4706
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pymumu smartdns to 47.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1425 is a stack-based buffer overflow vulnerability in pymumu SmartDNS versions up to 47.1. It occurs in the SVBC Record Parser component, specifically in the functions _dns_decode_rr_head and _dns_decode_SVCB_HTTPS in the src/dns.c file. The vulnerability arises due to missing boundary checks when parsing malformed SVCB/HTTPS DNS records, allowing an attacker to overwrite the stack buffer by sending specially crafted DNS packets remotely. This can compromise the system's confidentiality, integrity, and availability. Exploitation is considered difficult and requires no authentication. A patch has been released to add proper boundary checks to prevent this overflow. [1, 2, 3]

Impact Analysis

This vulnerability can lead to a stack-based buffer overflow, which may allow an attacker to cause a Denial of Service (DoS) by crashing the application or potentially disclose sensitive information. It compromises the confidentiality, integrity, and availability of the system running pymumu SmartDNS. Since the attack can be launched remotely without authentication, it poses a risk to affected systems if unpatched. [1, 2]

Detection Guidance

This vulnerability can be detected by monitoring for anomalous or malformed DNS SVCB/HTTPS records that may trigger the stack-based buffer overflow in pymumu SmartDNS versions up to 47.1. Since the exploit involves sending specially crafted UDP packets to the DNS service, network administrators can use packet capture tools like tcpdump or Wireshark to filter and analyze DNS traffic for unusual SVCB/HTTPS record lengths or malformed DNS responses. For example, a command to capture DNS UDP traffic on port 53 could be: tcpdump -i <interface> udp port 53 -w dns_traffic.pcap. Further analysis can be done by inspecting the SVCB/HTTPS records in the captured traffic for abnormal lengths or malformed data. Additionally, checking the version of pymumu SmartDNS running on the system can help identify if the vulnerable version (up to 47.1) is in use. However, no specific detection commands or signatures are provided in the resources. [1, 2]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to apply the patch identified by commit 2d57c4b4e1add9b4537aeb403f794a084727e1c8, which adds critical boundary checks in the DNS record parsing functions to prevent the stack-based buffer overflow. Users running pymumu SmartDNS versions up to 47.1 should upgrade to a patched version that includes this fix. Additionally, monitoring DNS traffic for suspicious or malformed SVCB/HTTPS records and restricting access to the DNS service to trusted sources can help reduce the risk of exploitation. Since the attack complexity is high and no public exploits are available, patching remains the most effective mitigation. [1, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1425. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart