PowerDNS — Vulnerabilities & Security Advisories (53)

Browse all 53 CVE security advisories affecting PowerDNS. AI-powered Chinese analysis, POCs, and references for each vulnerability.

PowerDNS is an open-source authoritative and recursive DNS server widely deployed to resolve domain names for internet infrastructure. Its extensive attack surface has resulted in fifty-three recorded CVEs, reflecting the complexity of its configuration and extension mechanisms. Historically, vulnerabilities have predominantly involved remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation in the recursor or authoritative server components. While the software itself is robust, security incidents frequently arise from misconfigurations or unpatched third-party modules rather than fundamental architectural flaws. The project maintains a responsible disclosure process, though the high volume of past issues highlights the challenges of maintaining security in a feature-rich, C++-based codebase. Administrators must prioritize regular updates and strict access controls to mitigate risks associated with these known weaknesses in the DNS resolution ecosystem.

Found 18 results / 53

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2026-33262 | Insufficient validation of cookie reply — Recursor | 5.9 | Medium | 2026-04-22 |
| CVE-2026-33261 | Null pointer access in aggressive NSEC(3) cache — Recursor | 5.9 | Medium | 2026-04-22 |
| CVE-2026-33259 | Concurrent modification of RPZ data can lead to denial of service — Recursor | 5.0 | Medium | 2026-04-22 |
| CVE-2026-33258 | Crafted zones can cause increased resource usage — Recursor | 5.3 | Medium | 2026-04-22 |
| CVE-2026-33256 | Unbounded memory allocation by internal web server — Recursor | 5.3 | Medium | 2026-04-22 |
| CVE-2026-33601 | Insufficient validation of zonemd record — Recursor | 4.4 | Medium | 2026-04-22 |
| CVE-2026-33600 | Null pointer dereference in RPZ transfer — Recursor | 4.4 | Medium | 2026-04-22 |
| CVE-2025-59024 | Crafted delegations or IP fragments can poison cached delegations in Recursor — Recursor | 6.5 | Medium | 2026-02-09 |
| CVE-2025-59023 | Crafted delegations or IP fragments can poison cached delegations in Recursor — Recursor | 8.2 | High | 2026-02-09 |
| CVE-2026-24027 | Crafted zones can lead to increased incoming network traffic — Recursor | 5.3 | Medium | 2026-02-09 |
| CVE-2026-0398 | Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor — Recursor | 5.3 | Medium | 2026-02-09 |
| CVE-2025-59029 | Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor — Recursor (CWE-617) | 5.3 | Medium | 2025-12-09 |
| CVE-2025-59030 | Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor — Recursor (CWE-276) | 7.5 | High | 2025-12-09 |
| CVE-2025-30192 | A Recursor configured to send out ECS enabled queries can be sensitive to spoofing attempts — Recursor (CWE-345) | 7.5 | High | 2025-07-21 |
| CVE-2025-30195 | A crafted zone can lead to an illegal memory access in the PowerDNS Recursor — Recursor (CWE-476) | 7.5 | High | 2025-04-07 |
| CVE-2024-25590 | Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor — Recursor (CWE-20) | 7.5 | High | 2024-10-03 |
| CVE-2024-25583 | Crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured — Recursor (CWE-20) | 7.5 | High | 2024-04-25 |
| CVE-2023-26437 | Deterred spoofing attempts can lead to authoritative servers being marked unavailable — Recursor | 3.4 | Low | 2023-04-04 |

This page lists every published CVE security advisory associated with PowerDNS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.