CVE-2026-0396 in PowerDNS DNSdistinformation

Résumé (Anglaise)

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI.

Réserver

28/11/2025

Divulgation

31/03/2026

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
354373	PowerDNS DNSdist DynBlockRulesGroup:setSuffixMatchRuleFFI élévation de privilèges	74	Non défini	Correctif officiel	CVE-2026-0396

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Do you know our Splunk app?

Download it now for free!