| CVE ID | CVE-2026-14461 |
| Publication date | 10 July 2026 |
| Vendor | BitWizard |
| Product | mtr |
| Vulnerable versions | All through 0.96 |
| Vulnerability type (CWE) | Out-of-bounds read (CWE-125) |
| Report source | Report to CERT Polska |
Description
CERT Polska has received a report about vulnerability in BitWizard mtr software and participated in coordination of its disclosure.
The vulnerability CVE-2026-14461: mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo_lookup() function uses the length of the response as the end-of-message boundary for dn_expand() function. The result is a reliable crash.
This issue exists in the mtr through version 0.96 and it was fixed in commit 48e1794414d338ce47abc0f27c25ade8788af9c3.
Credits
We thank Michał Majchrowicz and Marcin Wyczechowski from AFINE Team for the responsible vulnerability report.
More about the coordinated vulnerability disclosure process at CERT Polska can be found at https://cert.pl/en/cvd/.