Seems to be found as a part of Patch The Planet [0] which is basically OpenAI giving model access and Trail of Bits using them to find vulnerabilities in OSS projects.
Seems to be found as a part of Patch The Planet [0] which is basically OpenAI giving model access and Trail of Bits using them to find vulnerabilities in OSS projects.
neat, i'm a big fan of trail of bits but apparently missed this announcement. here's their post: https://blog.trailofbits.com/2026/06/22/introducing-patch-th... and a summary of week 1: https://gist.github.com/patch-the-planet/69fd1aa925c8e73edea...
Sidenote but... I read this on that link:
dnsmasq: Codex Security independently identified vulnerable patterns corresponding to four of the six dnsmasq CVEs later fixed in 2.92rel2: CVE-2026-4890 (opens in a new window), CVE-2026-4891 (opens in a new window), CVE-2026-4892 (opens in a new window), and CVE-2026-517
dnsmasq has had so many freaking security holes in 2025 and 2026 that atm I decided to just remove that thing from all my machines.
I would love to, but apparently its needed for libvirt.
"dnsmasq has had so many freaking security holes in 2025 and 2026 that atm I decided to just remove that thing from all my machines."
Would be nice if OpenWRT would stop including it by default
What else is out there that fits openWRT's use case? BIND seems like it would be a bit "heavy"
For caching recursive dns, unbound?
I got the feeling that dnsmasq does more than just recursive dns though?