CVE-2026-28810: Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver
Overview
- Severity
- N/A
- Exploit Status
- Not Exploited
- Patch Tuesday
- 2026-Apr
- Released
- 2026-04-11
- EPSS Score
- 0.27% (percentile: 18.3%)
Affected Products (2)
Open Source Software
- cbl2 kernel 5.15.202.1-1 on CBL Mariner 2.0
- azl3 kernel 6.6.130.1-3 on Azure Linux 3.0
Revision History
- 2026-04-11: Information published.