Cached Delegation Poisoning Vulnerability in PowerDNS Recursor
CVE-2025-59024

6.5MEDIUM

Key Information:

Vendor: Powerdns
Status: Recursor
Vendor: CVE Published:; 9 February 2026

What is CVE-2025-59024?

A vulnerability in PowerDNS Recursor allows attackers to exploit crafted delegations or IP fragments. This can lead to the poisoning of cached delegations, potentially affecting DNS query responses and causing service disruptions or misdirected traffic. It's crucial for users of PowerDNS Recursor to apply necessary patches and security updates to mitigate these risks.

Affected Version(s)

Recursor 5.3.0 < 5.3.1

Recursor 5.2.0 < 5.2.6

Recursor 5.1.0 < 5.1.8

References

https://docs.powerdns.com/recursor/security-advisories/po...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Sep 8, 2025

Credit

Yuxiao Wu from Tsinghua University

Yunyi Zhang from Tsinghua University

Baojun Liu from Tsinghua University

Haixin Duan from Tsinghua University

Shiming Liu from Network and Information Security Lab, Tsinghua University

CVE-2025-59024 Data

JSON

Powerdns

What is CVE-2025-59024?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit