Skip to content

PowerDNS: Multiple vulnerabilities enable DoS and cache manipulation

In brief: Multiple vulnerabilities in PowerDNS allow remote attackers to conduct DoS attacks, cache poisoning, and bypass security checks without authentication.

Multiple vulnerabilities in PowerDNS enable attackers without authentication to trigger denial-of-service conditions, manipulate DNS caches, and compromise DNSSEC validation. The flaws affect the integrity and availability of DNS resolution.

Multiple vulnerabilities have been identified in PowerDNS that allow remote, anonymous attackers to inflict serious damage on DNS infrastructure. An attacker can act without prior authentication.

Specifically, the vulnerabilities can lead to denial-of-service conditions, DNS caches can be manipulated (cache poisoning), and security checks can be circumvented. Additionally, there is a risk of disclosing confidential information, impairing DNSSEC validation, and affecting the overall integrity and availability of DNS resolution.

For CISOs, this represents a significant risk to the trustworthiness of DNS infrastructure. PowerDNS is frequently deployed as an authoritative or recursive resolver in enterprise environments. Through these vulnerabilities, an attacker could endanger the availability of services as well as manipulate or redirect traffic. Swift analysis of deployed PowerDNS versions and timely patching are required to minimize exploitation risk.


Source: wid.cert-bund.de · Published 26 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.

Share on: