CVE-2026-45673
mediumCVSS v3 Base Score
6.8
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS Score
0.0%
Exploitation probability in 30 days
Top 92% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
High
Availability
None
Vulnerability Report
Generated by CyberWatcher
Description
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning (Kaminsky attack). Versions 4.1.135.Final and 4.2.15.Final patch the issue.
CWE
CWE-1241Affected Products
Cryostat 4OpenShift ServerlessRed Hat build of Apache Camel 4 for Quarkus 3Red Hat build of Apache Camel for Spring Boot 4Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 3Red Hat build of Debezium 3Red Hat Build of KeycloakRed Hat build of QuarkusRed Hat Data Grid 8