new DNS forwarder vulnerability