Search criteria

143 vulnerabilities

CVE-2026-42389 (GCVE-0-2026-42389)

Vulnerability from cvelistv5 – Published: 2026-06-25 13:16 – Updated: 2026-06-25 14:58
VLAI?
Title
Reject more queries with invalid header values
Summary
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.
CWE
  • Improper Input Validation
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
Xiang Li, Mingming Zhang, Fasheng Miao, Zuyao Xu from AOSP Lab, Nankai University, Zhongguancun Lab, Tsinghua University
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42389",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:58:11.587235Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:58:17.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Web Server"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "pdns_recursor.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Xiang Li, Mingming Zhang, Fasheng Miao, Zuyao Xu from AOSP Lab, Nankai University, Zhongguancun Lab, Tsinghua University"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.\u003c/p\u003e"
            }
          ],
          "value": "This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T13:16:45.245Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Reject more queries with invalid header values",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42389",
    "datePublished": "2026-06-25T13:16:45.245Z",
    "dateReserved": "2026-04-27T08:53:58.839Z",
    "dateUpdated": "2026-06-25T14:58:17.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-52690 (GCVE-0-2026-52690)

Vulnerability from cvelistv5 – Published: 2026-06-25 13:01 – Updated: 2026-06-25 14:21
VLAI?
Title
Spoofed answers can mark an authoritative non-EDNS capable
Summary
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.
CWE
  • Authentication Bypass by Spoofing
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.2.0 , < 5.2.11 (semver)
Affected: 5.3.0 , < 5.3.8 (semver)
Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
Mehtab Zafar
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-52690",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:21:31.973756Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-290",
                "description": "CWE-290 Authentication Bypass by Spoofing",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:21:36.692Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Outgoing EDNS handling"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "syncres.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.3.8",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Mehtab Zafar"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSpoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.\u003c/p\u003e"
            }
          ],
          "value": "Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T13:01:40.347Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Spoofed answers can mark an authoritative non-EDNS capable",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-52690",
    "datePublished": "2026-06-25T13:01:40.347Z",
    "dateReserved": "2026-06-08T08:05:31.708Z",
    "dateUpdated": "2026-06-25T14:21:36.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42390 (GCVE-0-2026-42390)

Vulnerability from cvelistv5 – Published: 2026-06-25 13:01 – Updated: 2026-06-25 14:25
VLAI?
Title
ZONEMD validation can be bypassed
Summary
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.
CWE
  • Improper Input Validation
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
Vitaly Simonovich
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42390",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:25:32.947074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:25:44.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "ZoneMD"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "zonemd.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vitaly Simonovich"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.\u003c/p\u003e"
            }
          ],
          "value": "An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T13:01:08.394Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ZONEMD validation can be bypassed",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42390",
    "datePublished": "2026-06-25T13:01:08.394Z",
    "dateReserved": "2026-04-27T08:53:58.839Z",
    "dateUpdated": "2026-06-25T14:25:44.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42388 (GCVE-0-2026-42388)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:59 – Updated: 2026-06-25 14:42
VLAI?
Title
Missing input validation for catalog zones
Summary
Incomplete validation of the SOA record present in a catalog zone might lead to a crash.
CWE
  • Improper Input Validation
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.2.0 , < 5.2.11 (semver)
Affected: 5.3.0 , < 5.3.8 (semver)
Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
ylwango613
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:42:11.248693Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:42:18.369Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Catalog Zones"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "rec-xfr.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.3.8",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ylwango613"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIncomplete validation of the SOA record present in a catalog zone might lead to a crash.\u003c/p\u003e"
            }
          ],
          "value": "Incomplete validation of the SOA record present in a catalog zone might lead to a crash."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:59:38.192Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing input validation for catalog zones",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42388",
    "datePublished": "2026-06-25T12:59:38.192Z",
    "dateReserved": "2026-04-27T08:53:58.839Z",
    "dateUpdated": "2026-06-25T14:42:18.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42387 (GCVE-0-2026-42387)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:59 – Updated: 2026-06-25 14:41
VLAI?
Title
Insufficient input validation in ZoneToCache
Summary
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.
CWE
  • Improper Input Validation
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.2.0 , < 5.2.11 (semver)
Affected: 5.3.0 , < 5.3.8 (semver)
Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
nurmukhammyed
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42387",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:41:19.840992Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:41:46.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Zone to cache"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "zonemd.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.3.8",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "nurmukhammyed"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.\u003c/p\u003e"
            }
          ],
          "value": "A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:59:16.813Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient input validation in ZoneToCache",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42387",
    "datePublished": "2026-06-25T12:59:16.813Z",
    "dateReserved": "2026-04-27T08:53:58.838Z",
    "dateUpdated": "2026-06-25T14:41:46.920Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40012 (GCVE-0-2026-40012)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:58 – Updated: 2026-06-25 14:41
VLAI?
Title
Information about ECS zero scoped answers might leak to clients that use a specific ECS
Summary
ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;
CWE
  • Exposure of Resource to Wrong Sphere
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.2.0 , < 5.2.11 (semver)
Affected: 5.3.0 , < 5.3.8 (semver)
Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
Danial Mahadzir
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40012",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T14:40:29.990781Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-524",
                "description": "CWE-524 Use of Cache Containing Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T14:41:00.796Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "EDNS Client Subnet processing"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "pdns_recursor.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.3.8",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Danial Mahadzir"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;\u003c/p\u003e"
            }
          ],
          "value": "ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:58:51.987Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Information about ECS zero scoped answers might leak to clients that use a specific ECS",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40012",
    "datePublished": "2026-06-25T12:58:51.987Z",
    "dateReserved": "2026-04-08T09:59:59.342Z",
    "dateUpdated": "2026-06-25T14:41:00.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33612 (GCVE-0-2026-33612)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:58 – Updated: 2026-06-25 13:35
VLAI?
Title
ZoneToCache can poison the cache
Summary
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.
CWE
  • Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Recursor Affected: 5.2.0 , < 5.2.11 (semver)
Affected: 5.3.0 , < 5.3.8 (semver)
Affected: 5.4.0 , < 5.4.3 (semver)
Create a notification for this product.
Credits
Danial Mahadzir
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33612",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:35:24.220350Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-349",
                "description": "CWE-349 Acceptance of Extraneous Untrusted Data With Trusted Data",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:35:27.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Zone to cache"
          ],
          "packageName": "pdns-recursor",
          "product": "Recursor",
          "programFiles": [
            "rec-zonetocache.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.3.8",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Danial Mahadzir"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.\u003c/p\u003e"
            }
          ],
          "value": "A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Acceptance of Extraneous Untrusted Data With Trusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:58:27.132Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ZoneToCache can poison the cache",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33612",
    "datePublished": "2026-06-25T12:58:27.132Z",
    "dateReserved": "2026-03-23T12:58:38.267Z",
    "dateUpdated": "2026-06-25T13:35:27.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42004 (GCVE-0-2026-42004)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:24 – Updated: 2026-06-25 13:44
VLAI?
Title
EDNS options smuggling
Summary
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.
CWE
  • Misinterpretation of Input
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
Vitaly Simonovich
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:44:02.980438Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-115",
                "description": "CWE-115 Misinterpretation of Input",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:44:07.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "EDNS processing"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-ecs.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vitaly Simonovich"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker can send a crafted EDNS OPT record that will be ignored by DNSdist\u2019s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.\u003c/p\u003e"
            }
          ],
          "value": "An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist\u2019s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Misinterpretation of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:24:20.140Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "EDNS options smuggling",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42004",
    "datePublished": "2026-06-25T12:24:20.140Z",
    "dateReserved": "2026-04-23T11:15:21.198Z",
    "dateUpdated": "2026-06-25T13:44:07.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40211 (GCVE-0-2026-40211)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:23 – Updated: 2026-06-25 13:45
VLAI?
Title
Denial of service via crafted DoH3 queries
Summary
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.
CWE
  • Allocation of Resources Without Limits or Throttling
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
Mehtab Zafar
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40211",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:44:56.582604Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:45:02.430Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "DNS over HTTP3"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-crypto.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Mehtab Zafar"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.\u003c/p\u003e"
            }
          ],
          "value": "An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:23:55.585Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via crafted DoH3 queries",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40211",
    "datePublished": "2026-06-25T12:23:55.585Z",
    "dateReserved": "2026-04-10T07:11:39.060Z",
    "dateUpdated": "2026-06-25T13:45:02.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40210 (GCVE-0-2026-40210)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:23 – Updated: 2026-06-25 13:49
VLAI?
Title
Out-of-bounds read in SetMacAddrAction
Summary
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash.
CWE
  • Buffer Over-read
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
Qifan Zhang (Palo Alto Networks)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40210",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:49:25.851878Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-126",
                "description": "CWE-126 Buffer Over-read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:49:35.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "SetMacAddrAction"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-actions-factory.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Qifan Zhang (Palo Alto Networks)"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash.\u003c/p\u003e"
            }
          ],
          "value": "An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:23:31.623Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds read in SetMacAddrAction",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40210",
    "datePublished": "2026-06-25T12:23:31.623Z",
    "dateReserved": "2026-04-10T07:11:39.060Z",
    "dateUpdated": "2026-06-25T13:49:35.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40209 (GCVE-0-2026-40209)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:23 – Updated: 2026-06-25 13:56
VLAI?
Title
Denial of service via IXFR queries
Summary
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors.
CWE
  • Missing Release of Resource after Effective Lifetime
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
Qifan Zhang (Palo Alto Networks)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40209",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:56:17.791790Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-772",
                "description": "CWE-772 Missing Release of Resource after Effective Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:56:22.793Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "DNS over TCP to the backend"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-tcp-downstream.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Qifan Zhang (Palo Alto Networks)"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors.\u003c/p\u003e"
            }
          ],
          "value": "An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Missing Release of Resource after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:23:05.694Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via IXFR queries",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40209",
    "datePublished": "2026-06-25T12:23:05.694Z",
    "dateReserved": "2026-04-10T07:11:39.060Z",
    "dateUpdated": "2026-06-25T13:56:22.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40208 (GCVE-0-2026-40208)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:22 – Updated: 2026-06-25 13:24
VLAI?
Title
Denial of service via DoH3 queries
Summary
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
CWE
  • Incorrect Control Flow Scoping
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
ylwango613
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40208",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:24:51.405029Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-705",
                "description": "CWE-705 Incorrect Control Flow Scoping",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:24:55.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "DNS over HTTP3"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "doh3.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ylwango613"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.\u003c/p\u003e"
            }
          ],
          "value": "An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Incorrect Control Flow Scoping",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:22:42.722Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via DoH3 queries",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40208",
    "datePublished": "2026-06-25T12:22:42.722Z",
    "dateReserved": "2026-04-10T07:11:39.060Z",
    "dateUpdated": "2026-06-25T13:24:55.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40011 (GCVE-0-2026-40011)

Vulnerability from cvelistv5 – Published: 2026-06-25 12:22 – Updated: 2026-06-25 13:23
VLAI?
Title
Prometheus denial of service via crafted DNS queries
Summary
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.
CWE
  • Improper Encoding or Escaping of Output
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.15 (semver)
Affected: 2.0.0 , < 2.0.7 (semver)
Create a notification for this product.
Credits
Haruki Oyama (Waseda University)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40011",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:23:09.989984Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-116",
                "description": "CWE-116 Improper Encoding or Escaping of Output",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:23:46.840Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Prometheus export"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-web.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.15",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.7",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Haruki Oyama (Waseda University)"
        }
      ],
      "datePublic": "2026-06-24T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.\u003c/p\u003e"
            }
          ],
          "value": "An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Encoding or Escaping of Output",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T12:22:19.248Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Prometheus denial of service via crafted DNS queries",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40011",
    "datePublished": "2026-06-25T12:22:19.248Z",
    "dateReserved": "2026-04-08T09:59:59.341Z",
    "dateUpdated": "2026-06-25T13:23:46.840Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42005 (GCVE-0-2026-42005)

Vulnerability from cvelistv5 – Published: 2026-06-25 11:57 – Updated: 2026-06-25 13:04
VLAI?
Title
Insufficient input validation of internal web server
Summary
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CWE
  • Allocation of Resources Without Limits or Throttling
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 4.9.0 , < 4.9.16 (semver)
Affected: 5.0.0 , < 5.0.6 (semver)
Affected: 5.1.0 , < 5.1.2 (semver)
Create a notification for this product.
Credits
ilya rozentsvaig
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42005",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-25T13:03:44.259390Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-25T13:04:12.854Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "YaHTTP"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "ext/yahttp/yahttp/reqresp.cpp"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "4.9.16",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.6",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.1.2",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ilya rozentsvaig"
        }
      ],
      "datePublic": "2026-06-10T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An attacker can send a web request that causes unlimited memory \nallocation in the internal web server, leading to a denial of service. \nThe internal web server is disabled by default."
            }
          ],
          "value": "An attacker can send a web request that causes unlimited memory \nallocation in the internal web server, leading to a denial of service. \nThe internal web server is disabled by default."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T11:57:16.346Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-07.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient input validation of internal web server",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42005",
    "datePublished": "2026-06-25T11:57:16.346Z",
    "dateReserved": "2026-04-23T11:15:21.199Z",
    "dateUpdated": "2026-06-25T13:04:12.854Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-41999 (GCVE-0-2026-41999)

Vulnerability from cvelistv5 – Published: 2026-05-21 09:27 – Updated: 2026-05-21 11:58
VLAI?
Title
Incorrect Behaviour of Views with TCP PROXY Requests
Summary
Incorrect Behaviour of Views with TCP PROXY Requests
CWE
  • Improper Access Control
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 5.0.0 , < 5.0.5 (semver)
Create a notification for this product.
Credits
Zwique
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-41999",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T11:57:01.581143Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T11:58:25.869Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Views with Proxy Protocol"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "tcpreceiver.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.0.5",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Zwique"
        }
      ],
      "datePublic": "2026-05-19T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIncorrect Behaviour of Views with TCP PROXY Requests\u003c/p\u003e"
            }
          ],
          "value": "Incorrect Behaviour of Views with TCP PROXY Requests"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-21T09:27:26.744Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect Behaviour of Views with TCP PROXY Requests",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-41999",
    "datePublished": "2026-05-21T09:27:26.744Z",
    "dateReserved": "2026-04-23T11:15:21.198Z",
    "dateUpdated": "2026-05-21T11:58:25.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42002 (GCVE-0-2026-42002)

Vulnerability from cvelistv5 – Published: 2026-05-21 09:27 – Updated: 2026-05-21 11:59
VLAI?
Title
Concurrency and locking defects in GSS-TSIG
Summary
Concurrency and locking defects in GSS-TSIG
CWE
  • Signal Handler Race Condition
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 4.9.0 , < 4.9.15 (semver)
Affected: 5.0.0 , < 5.0.5 (semver)
Create a notification for this product.
Credits
thanos_haruki
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42002",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T11:58:57.204166Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-364",
                "description": "CWE-364 Signal Handler Race Condition",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T11:59:46.710Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "GSS-TSIG"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "gss_context.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "4.9.15",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.5",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "thanos_haruki"
        }
      ],
      "datePublic": "2026-05-19T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eConcurrency and locking defects in GSS-TSIG\u003c/p\u003e"
            }
          ],
          "value": "Concurrency and locking defects in GSS-TSIG"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-21T09:27:04.431Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Concurrency and locking defects in GSS-TSIG",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42002",
    "datePublished": "2026-05-21T09:27:04.431Z",
    "dateReserved": "2026-04-23T11:15:21.198Z",
    "dateUpdated": "2026-05-21T11:59:46.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42001 (GCVE-0-2026-42001)

Vulnerability from cvelistv5 – Published: 2026-05-21 09:26 – Updated: 2026-05-21 12:01
VLAI?
Title
Insufficient Validation of Autoprimary SOA Queries
Summary
Insufficient Validation of Autoprimary SOA Queries
CWE
  • Uncontrolled Resource Consumption
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 4.9.0 , < 4.9.15 (semver)
Affected: 5.0.0 , < 5.0.5 (semver)
Create a notification for this product.
Credits
lazarux0x1337
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42001",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T12:00:49.119135Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T12:01:03.812Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "auto-secondary"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "resolver.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "4.9.15",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.5",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "lazarux0x1337"
        }
      ],
      "datePublic": "2026-05-19T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eInsufficient Validation of Autoprimary SOA Queries\u003c/p\u003e"
            }
          ],
          "value": "Insufficient Validation of Autoprimary SOA Queries"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-21T09:26:38.829Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient Validation of Autoprimary SOA Queries",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42001",
    "datePublished": "2026-05-21T09:26:38.829Z",
    "dateReserved": "2026-04-23T11:15:21.198Z",
    "dateUpdated": "2026-05-21T12:01:03.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42000 (GCVE-0-2026-42000)

Vulnerability from cvelistv5 – Published: 2026-05-21 09:25 – Updated: 2026-05-21 12:02
VLAI?
Title
Insufficient Validation of Names During AXFR
Summary
Insufficient Validation of Names During AXFR
CWE
  • Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 4.9.0 , < 4.9.15 (semver)
Affected: 5.0.0 , < 5.0.5 (semver)
Create a notification for this product.
Credits
ilhamaf
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42000",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T12:01:48.669083Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T12:02:35.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "BIND Backend"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "bindbackend2.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "4.9.15",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.5",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ilhamaf"
        }
      ],
      "datePublic": "2026-05-19T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eInsufficient Validation of Names During AXFR\u003c/p\u003e"
            }
          ],
          "value": "Insufficient Validation of Names During AXFR"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-21T09:25:43.728Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient Validation of Names During AXFR",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42000",
    "datePublished": "2026-05-21T09:25:43.728Z",
    "dateReserved": "2026-04-23T11:15:21.198Z",
    "dateUpdated": "2026-05-21T12:02:35.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42396 (GCVE-0-2026-42396)

Vulnerability from cvelistv5 – Published: 2026-05-21 09:25 – Updated: 2026-05-21 12:03
VLAI?
Title
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Summary
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
CWE
  • Improper Control of Generation of Code ('Code Injection')
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 4.9.0 , < 4.9.15 (semver)
Affected: 5.0.0 , < 5.0.5 (semver)
Create a notification for this product.
Credits
ilhamaf
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42396",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-21T12:03:13.589644Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T12:03:16.000Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Catalog Zones"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "auth-catalogzone.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "4.9.15",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.0.5",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ilhamaf"
        }
      ],
      "datePublic": "2026-05-19T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eInsufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail\u003c/p\u003e"
            }
          ],
          "value": "Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-21T09:25:03.315Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42396",
    "datePublished": "2026-05-21T09:25:03.315Z",
    "dateReserved": "2026-04-27T08:53:58.839Z",
    "dateUpdated": "2026-05-21T12:03:16.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42006 (GCVE-0-2026-42006)

Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-06-30 12:08
VLAI?
Summary
An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit. Using excessive bracing, attacker can cause memory usage up to configured memory limit. Install fixed version, or configure vsz_limit for imap process to low value. No publicly available exploits are known.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
OX
References
Impacted products
Vendor Product Version
Open-Xchange GmbH OX Dovecot Pro Affected: 0 , ≤ 3.0.5 (semver)
Affected: 0 , ≤ 3.1.4 (semver)
Affected: 0 , ≤ 2.4.3 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42006",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T15:40:29.845540Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T15:40:38.913Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:6"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-05-12T13:28:46.922Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in Dovecot. A remote attacker can exploit this vulnerability by sending excessive open braces over the Internet Message Access Protocol (IMAP), leading to uncontrolled memory usage. This can cause the affected system to consume memory up to its configured limit, resulting in a Denial of Service (DoS)."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T12:08:45.461Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-42006"
          },
          {
            "name": "RHBZ#2476476",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476476"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42006.json"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-12T14:02:01.841Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-05-12T13:28:46.922Z",
            "value": "Made public."
          }
        ],
        "title": "dovecot: Dovecot: Denial of Service via excessive IMAP bracing",
        "workarounds": [
          {
            "lang": "en",
            "value": "To mitigate this issue, administrators can configure the `vsz_limit` setting for the Dovecot IMAP process to a lower value. This limits the virtual memory size available to the IMAP process, preventing excessive memory consumption.\n\nExample configuration in `/etc/dovecot/conf.d/10-master.conf`:\n```\nservice imap {\n  vsz_limit = 256M\n}\n```\nAfter modifying the configuration, restart the Dovecot service for the changes to take effect.\n```bash\nsystemctl restart dovecot\n```\nSetting `vsz_limit` too low may impact legitimate IMAP operations. \n\n*Restarting the dovecot service will temporarily interrupt mail services."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.0.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.1.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass the limit. Using excessive bracing, attacker can cause memory usage up to configured memory limit. Install fixed version, or configure vsz_limit for imap process to low value. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T13:39:06.099Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
        }
      ],
      "source": {
        "defect": "DOV-9138",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-42006",
    "datePublished": "2026-05-12T13:28:46.922Z",
    "dateReserved": "2026-04-23T11:15:21.199Z",
    "dateUpdated": "2026-06-30T12:08:45.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40020 (GCVE-0-2026-40020)

Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-05-12 15:40
VLAI?
Summary
Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known.
CWE
  • CWE-284 - Improper Access Control
Assigner
OX
References
Impacted products
Vendor Product Version
Open-Xchange GmbH OX Dovecot Pro Affected: 0 , ≤ 2.3.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T15:40:03.182471Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T15:40:12.510Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Attacker can use the IMAP SETACL command to inject the anyone permission to user\u0027s dovecot-acl file even if imap_acl_allow_anyone=no. This causes folders to be spammed to all users. The impact is limited to being able to spam folders to other users, no unexpected access is gained. Install to fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper Access Control",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T13:39:04.810Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
        }
      ],
      "source": {
        "defect": "DOV-9040",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40020",
    "datePublished": "2026-05-12T13:28:46.248Z",
    "dateReserved": "2026-04-08T09:59:59.342Z",
    "dateUpdated": "2026-05-12T15:40:12.510Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40016 (GCVE-0-2026-40016)

Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-05-12 15:38
VLAI?
Summary
Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access. No publicly available exploits are known.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
OX
References
Impacted products
Vendor Product Version
Open-Xchange GmbH OX Dovecot Pro Affected: 0 , ≤ 2.3.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40016",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T15:38:37.399932Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T15:38:42.912Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed version, or alternatively prevent direct access to Sieve scripts via ManageSieve or local access. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T13:39:02.944Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
        }
      ],
      "source": {
        "defect": "DOV-8948",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-40016",
    "datePublished": "2026-05-12T13:28:45.534Z",
    "dateReserved": "2026-04-08T09:59:59.342Z",
    "dateUpdated": "2026-05-12T15:38:42.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33603 (GCVE-0-2026-33603)

Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-05-12 15:08
VLAI?
Summary
Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy. Install fixed version. No publicly available exploits are known.
CWE
  • CWE-99 - Improper Control of Resource Identifiers ('Resource Injection')
Assigner
OX
References
Impacted products
Vendor Product Version
Open-Xchange GmbH OX Dovecot Pro Affected: 0 , ≤ 3.1.0 (semver)
Affected: 0 , ≤ 2.4.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33603",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T15:07:52.503674Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T15:08:00.334Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and client as MITM proxy. Install fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-99",
              "description": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T13:39:01.528Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
        }
      ],
      "source": {
        "defect": "DOV-9030",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33603",
    "datePublished": "2026-05-12T13:28:44.802Z",
    "dateReserved": "2026-03-23T12:58:38.266Z",
    "dateUpdated": "2026-05-12T15:08:00.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-27851 (GCVE-0-2026-27851)

Vulnerability from cvelistv5 – Published: 2026-05-12 13:28 – Updated: 2026-06-30 12:08
VLAI?
Summary
When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known.
CWE
  • CWE-235 - Improper Handling of Extra Parameters
Assigner
OX
References
Impacted products
Vendor Product Version
Open-Xchange GmbH OX Dovecot Pro Affected: 0 , ≤ 3.1.4 (semver)
Affected: 0 , ≤ 2.4.3 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-27851",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T15:06:27.723154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T15:06:35.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:6"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-05-12T13:28:43.846Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in Dovecot. When the safe filter is used with variable expansion, subsequent pipelines on the same string are incorrectly interpreted as safe, allowing unsafe data to be unescaped. This can enable SQL (Structured Query Language) or LDAP (Lightweight Directory Access Protocol) injection attacks when used in authentication, potentially leading to unauthorized access or information disclosure."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-89",
                "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T12:08:04.975Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-27851"
          },
          {
            "name": "RHBZ#2476471",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476471"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27851.json"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-12T14:01:35.826Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-05-12T13:28:43.846Z",
            "value": "Made public."
          }
        ],
        "title": "dovecot: Dovecot: SQL/LDAP injection via incorrect safe filter interpretation with variable expansion",
        "workarounds": [
          {
            "lang": "en",
            "value": "To mitigate this issue, avoid using the \u0027safe filter\u0027 feature in Dovecot configurations that involve variable expansion.\n\nAdministrators should review Dovecot configuration files, typically found in `/etc/dovecot/conf.d/`, to identify and disable or modify any configurations that utilize the `safe filter` with variable expansion. \nA restart of the Dovecot service is necessary for these changes to take effect and may impact services relying on this feature."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "core"
          ],
          "product": "OX Dovecot Pro",
          "vendor": "Open-Xchange GmbH",
          "versions": [
            {
              "lessThanOrEqual": "3.1.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.4.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on fixed version. No publicly available exploits are known."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-235",
              "description": "Improper Handling of Extra Parameters",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T13:38:59.967Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0002.json"
        }
      ],
      "source": {
        "defect": "DOV-8967",
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-27851",
    "datePublished": "2026-05-12T13:28:43.846Z",
    "dateReserved": "2026-02-24T08:46:09.372Z",
    "dateUpdated": "2026-06-30T12:08:04.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33611 (GCVE-0-2026-33611)

Vulnerability from cvelistv5 – Published: 2026-04-22 14:01 – Updated: 2026-04-22 14:24
VLAI?
Title
Insufficient validation of HTTPS and SVCB records
Summary
An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.
CWE
  • Integer Overflow or Wraparound
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 5.0.0 , < 5.0.4 (semver)
Affected: 4.9.0 , < 4.9.14 (semver)
Create a notification for this product.
Credits
Tibs
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33611",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:24:04.530345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:24:57.121Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "SVCB/ALPN parsing"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "dnswriter.cc",
            "rcpgenerator.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.9.14",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tibs"
        }
      ],
      "datePublic": "2026-04-08T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.\u003c/p\u003e"
            }
          ],
          "value": "An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T14:01:10.135Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Insufficient validation of HTTPS and SVCB records",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33611",
    "datePublished": "2026-04-22T14:01:10.135Z",
    "dateReserved": "2026-03-23T12:58:38.267Z",
    "dateUpdated": "2026-04-22T14:24:57.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33610 (GCVE-0-2026-33610)

Vulnerability from cvelistv5 – Published: 2026-04-22 14:00 – Updated: 2026-04-22 14:26
VLAI?
Title
Possible file descriptor exhaustion in forward-dnsupdate
Summary
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
CWE
  • Uncontrolled Resource Consumption
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 5.0.0 , < 5.0.4 (semver)
Affected: 4.9.0 , < 4.9.14 (semver)
Create a notification for this product.
Credits
ylwango613
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33610",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:25:29.036113Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:26:32.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "DNS updates forwarding"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "rfc2136handler.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.9.14",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ylwango613"
        }
      ],
      "datePublic": "2026-04-08T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.\u003c/p\u003e"
            }
          ],
          "value": "A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T14:00:51.529Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Possible file descriptor exhaustion in forward-dnsupdate",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33610",
    "datePublished": "2026-04-22T14:00:51.529Z",
    "dateReserved": "2026-03-23T12:58:38.267Z",
    "dateUpdated": "2026-04-22T14:26:32.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33609 (GCVE-0-2026-33609)

Vulnerability from cvelistv5 – Published: 2026-04-22 14:00 – Updated: 2026-04-22 14:27
VLAI?
Title
LDAP DN injection
Summary
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.
CWE
  • Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 5.0.0 , < 5.0.4 (semver)
Affected: 4.9.0 , < 4.9.14 (semver)
Create a notification for this product.
Credits
ylwango613
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33609",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:26:43.179728Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-90",
                "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:27:42.585Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "LDAP backend"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "powerldap.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.9.14",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ylwango613"
        }
      ],
      "datePublic": "2026-04-08T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIncomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.\u003c/p\u003e"
            }
          ],
          "value": "Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T14:00:33.702Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "LDAP DN injection",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33609",
    "datePublished": "2026-04-22T14:00:33.702Z",
    "dateReserved": "2026-03-23T12:58:38.267Z",
    "dateUpdated": "2026-04-22T14:27:42.585Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33608 (GCVE-0-2026-33608)

Vulnerability from cvelistv5 – Published: 2026-04-22 14:00 – Updated: 2026-04-22 14:28
VLAI?
Title
Incomplete domain name sanitization during
Summary
An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it.
CWE
  • Improper Control of Generation of Code ('Code Injection')
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS Authoritative Affected: 5.0.0 , < 5.0.4 (semver)
Affected: 4.9.0 , < 4.9.14 (semver)
Create a notification for this product.
Credits
Vitaly Simonovich
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33608",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:28:03.004705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:28:15.172Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Bind backend"
          ],
          "packageName": "pdns",
          "product": "Authoritative",
          "programFiles": [
            "bindbackend2.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "4.9.14",
              "status": "affected",
              "version": "4.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vitaly Simonovich"
        }
      ],
      "datePublic": "2026-04-08T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it.\u003c/p\u003e"
            }
          ],
          "value": "An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T14:00:15.473Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incomplete domain name sanitization during",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33608",
    "datePublished": "2026-04-22T14:00:15.473Z",
    "dateReserved": "2026-03-23T12:58:38.267Z",
    "dateUpdated": "2026-04-22T14:28:15.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33593 (GCVE-0-2026-33593)

Vulnerability from cvelistv5 – Published: 2026-04-22 13:48 – Updated: 2026-04-22 14:29
VLAI?
Title
Denial of service via crafted DNSCrypt query
Summary
A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query.
CWE
  • Divide By Zero
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.13 (semver)
Affected: 2.0.0 , < 2.0.4 (semver)
Create a notification for this product.
Credits
Haruto Kimura (Stella)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33593",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:29:04.663683Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-369",
                "description": "CWE-369 Divide By Zero",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:29:07.880Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "DNSCrypt"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnscrypt.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.13",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.4",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Haruto Kimura (Stella)"
        }
      ],
      "datePublic": "2026-04-21T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query.\u003c/p\u003e"
            }
          ],
          "value": "A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Divide By Zero",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T13:48:31.103Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial of service via crafted DNSCrypt query",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33593",
    "datePublished": "2026-04-22T13:48:31.103Z",
    "dateReserved": "2026-03-23T12:57:56.813Z",
    "dateUpdated": "2026-04-22T14:29:07.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33594 (GCVE-0-2026-33594)

Vulnerability from cvelistv5 – Published: 2026-04-22 13:48 – Updated: 2026-04-22 14:36
VLAI?
Title
Outgoing DoH excessive memory allocation
Summary
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection.
CWE
  • Allocation of Resources Without Limits or Throttling
Assigner
OX
Impacted products
Vendor Product Version
PowerDNS DNSdist Affected: 1.9.0 , < 1.9.13 (semver)
Affected: 2.0.0 , < 2.0.4 (semver)
Create a notification for this product.
Credits
Mehtab Zafar
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33594",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T14:36:44.423277Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T14:36:48.875Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.powerdns.com/",
          "defaultStatus": "unaffected",
          "modules": [
            "Outgoing DNS over HTTPS"
          ],
          "packageName": "dnsdist",
          "product": "DNSdist",
          "programFiles": [
            "dnsdist-nghttp2.cc"
          ],
          "repo": "https://github.com/PowerDNS/pdns",
          "vendor": "PowerDNS",
          "versions": [
            {
              "lessThan": "1.9.13",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.0.4",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Mehtab Zafar"
        }
      ],
      "datePublic": "2026-04-21T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection.\u003c/p\u003e"
            }
          ],
          "value": "A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-22T13:48:14.166Z",
        "orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
        "shortName": "OX"
      },
      "references": [
        {
          "url": "https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Outgoing DoH excessive memory allocation",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
    "assignerShortName": "OX",
    "cveId": "CVE-2026-33594",
    "datePublished": "2026-04-22T13:48:14.166Z",
    "dateReserved": "2026-03-23T12:57:56.814Z",
    "dateUpdated": "2026-04-22T14:36:48.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}