What is CVE-2026-45674?

CVE-2026-45674 is a high-severity vulnerability, classified under Insufficient Verification of Data Authenticity. CVSS score: 8.7/10. Published 2026-06-12.

How severe is CVE-2026-45674?

High severity. CVSS v3 base score is 8.7 out of 10.

CVE-2026-45674

CVE-2026-45674

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS response…

CVSS v3 metric

CVSS v3 base score 8.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N.

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

References

security-advisories@github.com
security-advisories@github.com
security-advisories@github.com

Frequently asked questions

What is CVE-2026-45674?: CVE-2026-45674 is a high-severity vulnerability, classified under Insufficient Verification of Data Authenticity. CVSS score: 8.7/10. Published 2026-06-12.
How severe is CVE-2026-45674?: High severity. CVSS v3 base score is 8.7 out of 10.