| CVE-2026-35579 |
critical |
9.8 |
9.8 |
|
|
|
1mo ago |
CoreDNS has TSIG authentication bypass on gRPC and QUIC transports |
| CVE-2026-33489 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
CoreDNS' transfer stanza selection uses lexicographic compare (subzone ACL bypass) |
| CVE-2026-33190 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
CoreDNS has TSIG authentication bypass on DoT, DoH, DoH3, DoQ, and gRPC |
| CVE-2026-32936 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
CoreDNS DoH GET oversized dns= query parameter causes pre-validation CPU and memory amplification |
| CVE-2026-32934 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
CoreDNS' DoQ worker pool does not bound stream backlog |
| CVE-2024-0874 |
medium |
5.3 |
5.3 |
|
|
|
2y ago |
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching. |
