CVE-2026-12245
HIGHNSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response.
Published: 6/25/2026Modified: 6/26/2026