CVE-2026-14461
mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo_lookup() function uses the length of the response as the end-of-message boundary for dn_expand() function. The result is a reliable crash.
This issue exists in the mtr through version 0.96 and it was fixed in commit 48e1794414d338ce47abc0f27c25ade8788af9c3.
CSIRTS triage
- What
- An out-of-bounds read vulnerability exists.
- Who is affected
- Users of mtr versions are affected.
- Urgency
- The urgency is unclear due to unknown severity.
- Action
- Monitor for updates regarding this vulnerability.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-14461
Get an email if CVE-2026-14461 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Advisory coverage (2)
- unknownCVE-2026-14461: mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker …nvd · 2026-07-10
- unknownCVE-2026-14461: Out-of-bound read in mtrmsrc · 2026-07-02
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-14461)