A vulnerability described as critical has been identified in dnsmasq 2.92rel2 . This affects the function extract_addresses of the component DNS Response Handler . Such manipulation leads to out-of-bounds write. This vulnerability is listed as CVE-2026-5172 . The attack may be performed from remote. There is no available exploit.