This recent report lists vulnerabilities in DNS processing in embedded micros
https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations
It is relivent to Arduino for two reasons
i) a number of Arduino boards now include extensive WiFi support
ii) most of the vulnerabilities arise from buffer/struct overflows, which highlights the need for buffer overflow check when using raw c-strings methods in sketches.
It is no immediately clear to me which, if any, of the Arduino compatible boards are vulnerable.
The article does say that some nRF SDK example code is vulnerable.