Spoofed answers can mark an authoritative non-EDNS capable_CVE-2026-52690

5.9 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.

Basic Information

ID CVE-2026-52690

Source OX

Published Jun 25, 2026 at 13:01

Modified Jun 25, 2026 at 14:21

Affected Product

Vendor PowerDNS

Product Recursor

Version 5.2.0

Affected Versions PowerDNS Recursor 5.2.0
PowerDNS Recursor 5.3.0
PowerDNS Recursor 5.4.0

CWE Classification

CWE-290

References

docs.powerdns.com /recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html

{
    "lastseen": "",
    "description": "Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.",
    "published": "2026-06-25T13:01:40.347Z",
    "modified": "2026-06-25T14:21:36.692Z",
    "type": "cve",
    "title": "Spoofed answers can mark an authoritative non-EDNS capable",
    "source": "OX",
    "references": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-08.html",
    "id": "CVE-2026-52690",
    "bulletinFamily": "",
    "cwe": [
        "",
        "CWE-290"
    ],
    "cvelist": null,
    "sourceData": "PowerDNS Recursor 5.2.0\nPowerDNS Recursor 5.3.0\nPowerDNS Recursor 5.4.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Recursor",
    "version": "5.2.0",
    "vendor": "PowerDNS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}