CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

6.5CVSS5.7AI score0.00003EPSS

ROS-20260209-73-0019

PowerDNS Recursor DNS server vulnerability is related to failure to take measures to neutralize special elements in the output data. Exploitation of the vulnerability could allow a remote attacker to affect the integrity and availability of protected information...

8.2CVSS5.7AI score0.00007EPSS

ROS-20260209-73-0017

CNNVD•added 2026/02/09 12:0 a.m.•3 views

PowerDNS Recursor（pdns_recursor）安全漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. There is a security vulnerability in PowerDNS Recursor, which stems from the possibility of custom delegation or IP fragments contaminating cached delegation data...

6.5CVSS5.8AI score0.00003EPSS

Exploits0References2

6.5CVSS5.7AI score0.00003EPSS

ROS-20260209-73-0020

8.2CVSS5.7AI score0.00007EPSS

ROS-20260209-73-0018

Positive Technologies•added 2026/01/01 12:0 a.m.•3 views

PT-2026-7113

Name of the Vulnerable Software and Affected Versions Recursor affected versions not specified Description Improperly crafted zones may cause increased resource consumption. Additionally, crafted CNAME chains can lead to cache poisoning within the Recursor. Recommendations At the moment, there is...

5.3CVSS5.4AI score0.00008EPSS

Exploits0References13

Debian•added 2025/12/10 9:49 a.m.•5 views

[SECURITY] [DSA 6077-1] pdns-recursor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6077-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 10, 2025 https://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.00117EPSS

OpenVAS•added 2025/12/10 12:0 a.m.•6 views

Debian: Security Advisory (DSA-6077-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.00117EPSS

Exploits0References2

Tenable Nessus•added 2025/12/10 12:0 a.m.•4 views

Debian dsa-6077 : pdns-recursor - security update

The remote Debian 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6077 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6077-1 [email protected] https://www.debian.org/security/...

7.5CVSS5.5AI score0.00117EPSS

Exploits0References4

OSV•added 2025/12/10 12:0 a.m.•6 views

DSA-6077-1 pdns-recursor - security update

Bulletin has no description...

7.5CVSS6.9AI score0.00117EPSS

Vulnrichment•added 2025/12/09 9:16 a.m.•3 views

CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS6.4AI score0.00009EPSS

Cvelist•added 2025/12/09 9:16 a.m.•17 views

CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS0.00009EPSS

Debian CVE•added 2025/12/09 9:16 a.m.•4 views

CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS5.3AI score0.00009EPSS

CVE•added 2025/12/09 9:16 a.m.•8 views

CVE-2025-59029

PowerDNS Recursor exposes CVE-2025-59029: an attacker can trigger an assertion failure by sending crafted DNS records and then querying with qtype=ANY after records are cached. The issue affects the PowerDNS Recursor family per multiple CNVD/NVD/CVE records; the NVD metrics indicate NETWORK attac...

5.3CVSS6.2AI score0.00009EPSS

Exploits0References1Affected Software1

AlpineLinux•added 2025/12/09 9:16 a.m.•3 views

CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS6.6AI score0.00009EPSS

CVE•added 2025/12/09 9:15 a.m.•18 views

CVE-2025-59030

PowerDNS Recursor is affected by CVE-2025-59030 due to insufficient validation of incoming notifies over TCP, which can lead to a denial of service. Debian notes the fix in pdns-recursor 5.2.7-0+deb13u1 for the stable TRIXIE release and recommends upgrading. Other OpenVAS/NVD references reiterate...

7.5CVSS6.3AI score0.00117EPSS

Exploits0References1Affected Software1

Debian CVE•added 2025/12/09 9:15 a.m.•4 views

CVE-2025-59030

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

7.5CVSS5.3AI score0.00117EPSS

AlpineLinux•added 2025/12/09 9:15 a.m.•7 views

CVE-2025-59030

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

7.5CVSS6.7AI score0.00117EPSS

Vulnrichment•added 2025/12/09 9:15 a.m.•1 views

CVE-2025-59030 Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

7.5CVSS6.5AI score0.00117EPSS

Cvelist•added 2025/12/09 9:15 a.m.•26 views

CVE-2025-59030 Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

7.5CVSS0.00117EPSS