Cache Poisoning Vulnerability in PowerDNS Recursor
CVE-2025-59023

8.2HIGH

Key Information:

Vendor: Powerdns
Status: Recursor
Vendor: CVE Published:; 9 February 2026

What is CVE-2025-59023?

A vulnerability exists in PowerDNS Recursor where crafted delegations or IP fragments can corrupt cached delegations, potentially leading to unauthorized access to DNS data. This exploit could allow attackers to manipulate DNS responses, impacting the integrity and reliability of domain resolution.

Affected Version(s)

Recursor 5.3.0 < 5.3.1

Recursor 5.2.0 < 5.2.6

Recursor 5.1.0 < 5.1.8

References

https://docs.powerdns.com/recursor/security-advisories/po...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Sep 8, 2025

Credit

Yuxiao Wu from Tsinghua University

Yunyi Zhang from Tsinghua University

Baojun Liu from Tsinghua University

Haixin Duan from Tsinghua University

Shiming Liu from Network and Information Security Lab, Tsinghua University

CVE-2025-59023 Data

JSON

Powerdns

What is CVE-2025-59023?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit