539 matches found
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42387
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...
EUVD-2026-39388
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42389 Reject more queries with invalid header values
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42389
CVE-2026-42389 fixes an issue by adding extra hardening in the 5.4.x branch through enhanced validation of incoming answers from authoritative servers (no exploited details provided in the documents).
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-33612
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-52690
CVE-2026-52690 affects the PowerDNS Recursor. Spoofed replies can cause an authoritative server’s IP to be marked as not supporting EDNS, leading to DNSSEC validation failures for records served by that server. The vulnerability’s impact is documented as enabling validation failures in the presen...
CVE-2026-52690 Spoofed answers can mark an authoritative non-EDNS capable
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-42387 Insufficient input validation in ZoneToCache
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...
CVE-2026-42387
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...
CVE-2026-42387
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...
CVE-2026-33612
CVE-2026-33612 describes a cache-poisoning vulnerability in a ZoneToCache flow: a malicious authoritative server can craft a zone that is cached, compromising integrity of cached data. The CVSS3.1 metrics indicate Network access, high attack complexity, no privileges required, no user interaction...
EUVD-2026-39352
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...
CVE-2026-33612 ZoneToCache can poison the cache
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...