CVE-2026-52690

Source
https://cve.org/CVERecord?id=CVE-2026-52690
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52690.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-52690
Downstream
Published
2026-06-25T13:01:40.347Z
Modified
2026-07-08T08:13:43.061254500Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Spoofed answers can mark an authoritative non-EDNS capable
Details

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52690.json",
    "cna_assigner": "OX"
}
References

Affected packages

Git / github.com/powerdns/pdns

Affected ranges

Type
GIT
Repo
https://github.com/powerdns/pdns
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "5.2.0"
        },
        {
            "fixed": "5.2.11"
        },
        {
            "introduced": "5.3.0"
        },
        {
            "fixed": "5.3.8"
        },
        {
            "introduced": "5.4.0"
        },
        {
            "fixed": "5.4.3"
        }
    ]
}

Affected versions

rec-5.*
rec-5.2.0
rec-5.2.10
rec-5.2.2
rec-5.2.4
rec-5.2.5
rec-5.2.6
rec-5.2.8
rec-5.3.0
rec-5.3.1
rec-5.3.4
rec-5.3.7
rec-5.4.0
rec-5.4.0-rc1
rec-5.4.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52690.json"