Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-xgx4-4h9w-53pv | AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle |
Wed, 15 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 15 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.75, AdGuard Home's client-triggered DoQ forwarding path to a udp:// upstream reduced backend UDP DNS state by producing dns_id=0 or txid=0 and exposed a quoted-port ICMP source-port oracle, weakening DNS response matching for forwarded queries. This issue is fixed in version 0.107.75. | |
| Title | AdGuard Home: DoQ-to-UDP State Reduction and Source-Port Oracle | |
| Weaknesses | CWE-330 CWE-346 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-15T17:45:59.434Z
Reserved: 2026-05-19T21:18:20.404Z
Link: CVE-2026-47703
Updated: 2026-07-15T17:44:53.882Z
No data.
No data.
OpenCVE Enrichment
No data.
Github GHSA