5.9

CVE-2026-52690

Spoofed answers can mark an authoritative non-EDNS capable

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerPowerDNS
Produkt Recursor
Default Statusunaffected
Version 5.2.0
Version < 5.2.11
Status affected
Version 5.3.0
Version < 5.3.8
Status affected
Version 5.4.0
Version < 5.4.3
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.271
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security@open-xchange.com 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html