| CVE-2026-35579 |
critical |
9.8 |
9.8 |
22d ago |
CoreDNS has TSIG authentication bypass on gRPC and QUIC transports |
|
| CVE-2026-33489 |
high |
7.5 |
7.5 |
22d ago |
CoreDNS' transfer stanza selection uses lexicographic compare (subzone ACL bypass) |
|
| CVE-2026-33190 |
high |
7.5 |
7.5 |
22d ago |
CoreDNS has TSIG authentication bypass on DoT, DoH, DoH3, DoQ, and gRPC |
|
| CVE-2026-32936 |
high |
7.5 |
7.5 |
22d ago |
CoreDNS DoH GET oversized dns= query parameter causes pre-validation CPU and memory amplification |
|
| CVE-2026-32934 |
high |
7.5 |
7.5 |
22d ago |
CoreDNS' DoQ worker pool does not bound stream backlog |
|
| CVE-2026-26018 |
unknown |
— |
— |
3mo ago |
CoreDNS Loop Detection Denial of Service Vulnerability in github.com/coredns/coredns |
|
| CVE-2026-26017 |
unknown |
— |
— |
3mo ago |
CoreDNS ACL Bypass in github.com/coredns/coredns |
|
| CVE-2025-68151 |
unknown |
— |
— |
5mo ago |
CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages in github.com/coredns/coredns |
|
| CVE-2025-58063 |
unknown |
— |
— |
9mo ago |
CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion in github.com/coredns/coredns |
|
| CVE-2025-47950 |
unknown |
— |
— |
1y ago |
CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification in github.com/coredns/coredns |
|
| CVE-2023-30464 |
unknown |
— |
— |
2y ago |
CoreDNS Cache Poisoning via a birthday attack in github.com/coredns/coredns |
|
| CVE-2023-28452 |
unknown |
— |
— |
2y ago |
CoreDNS vulnerable to TuDoor Attacks in github.com/coredns/coredns |
|
| CVE-2024-0874 |
unknown |
— |
— |
2y ago |
CoreDNS may return invalid cache entries in github.com/coredns/coredns |
|
| CVE-2022-2835 |
unknown |
— |
— |
3y ago |
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints |
|
| CVE-2022-2837 |
unknown |
— |
— |
3y ago |
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints |
|