CVE search results

1 – 10 of 93 results

Detailed view

Sort by:

CVE-2026-42396

Medium priority

Needs evaluation

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-42002

Medium priority

Needs evaluation

Concurrency and locking defects in GSS-TSIG

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-42001

Medium priority

Needs evaluation

Insufficient Validation of Autoprimary SOA Queries

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-42000

Medium priority

Needs evaluation

Insufficient Validation of Names During AXFR

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-41999

Medium priority

Needs evaluation

Incorrect Behaviour of Views with TCP PROXY Requests

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-33611

Medium priority

Needs evaluation

An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-33610

Medium priority

Needs evaluation

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-33609

Medium priority

Needs evaluation

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the...

1 affected package

pdns

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-33601

Medium priority

Needs evaluation

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

1 affected package

pdns-recursor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pdns-recursor	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page:

Search CVE reports

CVE-2026-42396

CVE-2026-42002

CVE-2026-42001

CVE-2026-42000

CVE-2026-41999

CVE-2026-33611

CVE-2026-33610

CVE-2026-33609

CVE-2026-33608

CVE-2026-33601