ZNC is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. The issue affects ZNC 0.090 other versions may also be affected.
Updates are available. Please see the references for more information.