VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/coredns/coredns

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-35579 critical 9.8 9.8 29d ago CoreDNS has TSIG authentication bypass on gRPC and QUIC transports
CVE-2026-33489 high 7.5 7.5 29d ago CoreDNS' transfer stanza selection uses lexicographic compare (subzone ACL bypass)
CVE-2026-33190 high 7.5 7.5 29d ago CoreDNS has TSIG authentication bypass on DoT, DoH, DoH3, DoQ, and gRPC
CVE-2026-32936 high 7.5 7.5 29d ago CoreDNS DoH GET oversized dns= query parameter causes pre-validation CPU and memory amplification
CVE-2026-32934 high 7.5 7.5 29d ago CoreDNS' DoQ worker pool does not bound stream backlog
CVE-2024-0874 medium 5.3 5.3 2y ago A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2026-26018 unknown 3mo ago CoreDNS Loop Detection Denial of Service Vulnerability in github.com/coredns/coredns
CVE-2026-26017 unknown 3mo ago CoreDNS ACL Bypass in github.com/coredns/coredns
CVE-2025-68151 unknown 5mo ago CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages in github.com/coredns/coredns
CVE-2025-58063 unknown 9mo ago CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion in github.com/coredns/coredns
CVE-2025-47950 unknown 1y ago CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification in github.com/coredns/coredns
CVE-2023-30464 unknown 2y ago CoreDNS Cache Poisoning via a birthday attack in github.com/coredns/coredns
CVE-2023-28452 unknown 2y ago CoreDNS vulnerable to TuDoor Attacks in github.com/coredns/coredns
CVE-2022-2835 unknown 3y ago coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints
CVE-2022-2837 unknown 3y ago coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints