{"id":"CVE-2026-12490","details":"When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port (and not the tls-auth-port) or over over TCP over the regular port, when the other conditions of the provide-xfr rule match.","modified":"2026-07-15T06:09:50.271380Z","published":"2026-06-25T07:16:45.330Z","references":[{"type":"FIX","url":"https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12490.txt"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nlnetlabs/nsd","events":[{"introduced":"0"},{"fixed":"fc930b88cb4f628defae9835449065945bda7ddc"}],"database_specific":{"cpe":"cpe:2.3:a:nlnetlabs:nsd:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"4.14.3"}],"source":"CPE_RANGE"}}],"versions":["NSD_4_14_2_REL","NSD_4_14_2_RC1","NSD_4_14_1_REL","NSD_4_14_1_RC1","list","NSD_4_14_0_RC1","NSD_4_12_0_REL","NSD_4_13_0_REL","NSD_4_13_0_RC1","NSD_4_12_0_RC1","NSD_4_11_1_REL","NSD_4_11_0_REL","NSD_4_11_0_RC1","NSD_4_10_1_REL","NSD_4_10_1_RC2","NSD_4_10_1_RC1","NSD_4_10_0_RC1","NSD_4_9_0_RC1","NSD_4_8_0_REL","NSD_4_8_0_RC1","NSD_4_7_0_REL","NSD_4_7_0_RC1","NSD_4_6_1_REL","NSD_4_6_1_RC1","NSD_4_6_0_REL","NSD_4_6_0_RC1","NSD_4_5_0_REL","NSD_4_5_0_RC1","NSD_4_4_0_REL","NSD_4_4_0_RC1","NSD_4_3_9_REL","NSD_4_3_9_RC1","NSD_4_3_8_REL","NSD_4_3_8_RC2","NSD_4_3_8_RC1","NSD_4_3_7_REL","NSD_4_3_7_RC1","NSD_4_3_6_REL","NSD_4_3_6_RC1","NSD_4_3_5_REL","NSD_4_3_5_RC1","NSD_4_3_2_REL","NSD_4_3_2_RC1","NSD_4_3_4_REL","NSD_4_3_4_RC1","NSD_4_3_3_REL","NSD_4_3_3_RC1","NSD_4_3_1_REL","NSD_4_3_1_RC2","NSD_4_3_1_RC1","NSD_4_3_0_REL","NSD_4_3_0_RC1","help","NSD_4_2_4_REL","NSD_4_2_4_RC1","NSD_4_2_3_REL","NSD_4_2_3_RC1","NSD_4_2_2_REL","NSD_4_2_2_RC2","NSD_4_2_2_RC1","NSD_4_2_1_REL","NSD_4_2_1_RC1","NSD_4_2_0_REL","NSD_4_2_0_RC1","final-svn-state","NSD_4_1_27_RC1","NSD_4_1_26_RC1","NSD_4_1_25_REL","NSD_4_1_25_RC1","NSD_4_1_24_RC1","NSD_4_1_22_RC1","NSD_4_1_21_REL","NSD_4_1_21_RC1","NSD_4_1_20_RC1","NSD_4_1_19_REL","NSD_4_1_19RC1","NSD_4_1_18_REL","NSD_4_1_18_RC2","NSD_4_1_18_RC1","NSD_4_1_17_RC1","NSD_4_1_16_REL","NSD_4_1_16_RC1","NSD_4_1_15_RC1","NSD_4_1_14_REL","NSD_4_1_14_RC1","NSD_4_1_13_REL","NSD_4_1_13_RC1","NSD_4_1_11_RC2","NSD_4_1_11_RC1","NSD_4_1_10_REL","NSD_4_1_10_RC2","NSD_4_1_10_RC1","NSD_4_1_8_REL","NSD_4_1_8_RC1","NSD_4_1_7_RC1","NSD_4_1_6_REL","NSD_4_1_6_RC2","NSD_4_1_6_RC1","NSD_4_1_5_REL","NSD_4_1_4_RC1","NSD_4_1_2_REL","NSD_4_1_2_RC2","NSD_4_1_2_RC1","NSD_4_1_1_REL","NSD_4_1_1_RC1","NSD_4_1_0_REL","NSD_4_1_0_RC1","NSD_4_0_3_REL","NSD_4_0_2_REL","NSD_4_0_1_REL","NSD_4_0_1_RC2","NSD_4_0_1_RC1","NSD_4_0_0_REL","NSD_4_0_0_RC3","NSD_4_0_0_RC2","NSD_4_0_0_BETA4","NSD_4_0_0_BETA3","NSD_4_0_0_BETA2","NSD_4_0_0_BETA1","NSD_4_0_0_imp_6","NSD_4_0_0_imp_4","NSD_4_0_0_imp_3","NSD_4_0_0_imp_2","NSD_4_0_0_imp_1","NSD_3_2_7_REL","NSD_3_2_6_REL","NSD_3_2_4_REL","NSD_3_2_2_REL","NSD_3_2_1_REL","NSD_3_0_4_REL","NSD_3_0_2_REL","NSD_3_0_1_REL","NSD_3_signalsocket_solution","NSD_3_XML_SOCK_DB","NSD_2_3_0_REL","NSD_2_2_last_merge","NSD_2_2_end_of_merge","NSD_2_2_1_REL","NSD_2_2_0_REL","NSD_2_2_BP2","NSD_2_1_2_REL","NSD_2_1_BP","NSD_2_1_1_REL","NSD_2_1_last_merge","NSD_2_1_end_of_merge","NSD_2_1_5_REL","NSD_2_1_4_REL","NSD_2_1_3_REL","NSD_2_1_0_REL","NSD_2_0_BP","NSD_2_0_last_merge","NSD_2_0_end_of_merge","NSD_2_0_2_REL","NSD_2_0_1_REL","NSD_2_0_0_REL","NSD_2_0_0_WS_REL","NSD_1_4_0_ALPHA_1_REL","NSD_1_3_BP","NSD_1_3_0_ALPHA_1_REL","NSD_1_2_last_merge","NSD_1_2_end_of_merge","NSD_1_2_BP","NSD_1_2_4_REL","NSD_1_2_3_REL","NSD_1_2_2_REL","NSD_1_2_1_REL","NSD_1_2_0_REL","NSD_1_1_1_BP","NSD_1_1_1","NSD_1_1_0_BP","NSD_1_1_0_REL","NSD_1_1_0B2_REL","NSD_1_0_2_REL","NAMED8_STATS","NSD_1_0_3_last_merge","NSD_1_0_3_REL","NSD_1_0_2_merge_into_1_1_0","before_optimization","NSD_1_0_1_BP","NSD_1_0_1_BETA5","NSD_1_0_BP","ALPHA2","ALPHA","new_zf_parser_start","PostScrewUp","ANSWERS"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-12490.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}