Vulnerability in Erlang Otp

CVE-2026-28810

Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db modules) allows DNS Cache Poisoning. The built-in DNS resolver (inet_res) uses a sequential, process-global 16-bit transaction ID for U…

EPSS: 0.000 (14.8th percentile) — read the EPSS interpretation.

Affected products

  • Erlang Otp — versions 3.0, 17.0, 07b8f441ca711f9812fad9e9115bab3c3aa92f79

Weakness classification (CWE)

References