Resource Usage and Cache Poisoning Vulnerability in PowerDNS Recursor
CVE-2026-0398

5.3MEDIUM

Key Information:

Vendor: Powerdns
Status: Recursor
Vendor: CVE Published:; 9 February 2026

What is CVE-2026-0398?

A vulnerability has been identified in the PowerDNS Recursor, where crafted zones can lead to increased resource consumption. Additionally, manipulated CNAME chains may result in cache poisoning, potentially affecting the integrity of DNS responses. This vulnerability emphasizes the importance of maintaining updated versions and implementing robust security measures to safeguard DNS infrastructure.

Affected Version(s)

Recursor 5.3.0 < 5.3.5

Recursor 5.2.0 < 5.2.8

Recursor 5.1.0 < 5.1.10

References

https://docs.powerdns.com/recursor/security-advisories/po...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 9, 2026
Vulnerability Reserved
Nov 28, 2025

Credit

Yufan You from Tsinghua University

TaoFei Guo from Peking University

Yang Luo from Tsinghua University

JianJun Chen from Tsinghua University

CVE-2026-0398 Data

JSON

Powerdns

What is CVE-2026-0398?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit