CVE-2026-25518

EPSS 0.35%
Veröffentlicht 04.02.2026 21:18:06
Zuletzt bearbeitet 27.02.2026 20:20:22
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

cert-manager-controller DoS via Specially Crafted DNS Response

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS lookups during ACME DNS-01 processing (for zone discovery and propagation self-checks). By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a crafted entry into cert-manager's DNS cache. Accessing this entry will trigger a panic, resulting in denial‑of‑service (DoS) of the cert-manager controller. The issue can also be exploited if the authoritative DNS server for the domain being validated is controlled by a malicious actor. This issue has been patched in versions 1.18.5 and 1.19.3.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 10

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cert-manager ≫ Cert-manager Version >= 1.18.0 < 1.18.5

Cert-manager ≫ Cert-manager Version >= 1.19.0 < 1.19.3

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.35%	0.266

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

CWE-704 Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

https://github.com/cert-manager/cert-manager/security/advisories/GHSA-gx3x-vq4p-mhhv

Patch

Vendor Advisory

Mitigation

https://github.com/cert-manager/cert-manager/pull/8467

Patch

Issue Tracking

https://github.com/cert-manager/cert-manager/pull/8468

Patch

Issue Tracking

https://github.com/cert-manager/cert-manager/pull/8469

Patch

Issue Tracking

https://github.com/cert-manager/cert-manager/commit/409fc24e539711a07aae45ed45abbe03dfdad2cc

Patch

https://github.com/cert-manager/cert-manager/commit/9a73a0b3853035827edd37ac463e4803ba10327d

Patch

https://github.com/cert-manager/cert-manager/commit/d4faed26ae12115cceb807cdc12507ebc28980e2

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-25518

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-25518

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-25518

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-25518