{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24027", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "state": "PUBLISHED", "assignerShortName": "OX", "dateReserved": "2026-01-20T14:56:25.872Z", "datePublished": "2026-02-09T14:25:24.209Z", "dateUpdated": "2026-02-09T16:19:23.339Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.powerdns.com/", "defaultStatus": "unaffected", "modules": ["Synchronous Resolver"], "packageName": "pdns-recursor", "product": "Recursor", "programFiles": ["syncres.cc"], "repo": "https://github.com/PowerDNS/pdns", "vendor": "PowerDNS", "versions": [{"lessThan": "5.3.5", "status": "affected", "version": "5.3.0", "versionType": "semver"}, {"lessThan": "5.2.8", "status": "affected", "version": "5.2.0", "versionType": "semver"}, {"lessThan": "5.1.10", "status": "affected", "version": "5.1.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Shuhan Zhang from Tsinghua University"}], "datePublic": "2026-02-09T13:47:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Crafted zones can lead to increased incoming network traffic.</p>"}], "value": "Crafted zones can lead to increased incoming network traffic."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Insufficient Control of Network Message Volume (Network Amplification)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2026-02-09T14:25:24.209Z"}, "references": [{"url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html"}], "source": {"advisory": "PowerDNS Security Advisory 2026-01", "discovery": "EXTERNAL"}, "title": "Crafted zones can lead to increased incoming network traffic", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T16:19:10.019094Z", "id": "CVE-2026-24027", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T16:19:23.339Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24027", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T16:19:10.019094Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T16:19:16.844Z"}}], "cna": {"title": "Crafted zones can lead to increased incoming network traffic", "source": {"advisory": "PowerDNS Security Advisory 2026-01", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Shuhan Zhang from Tsinghua University"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/PowerDNS/pdns", "vendor": "PowerDNS", "modules": ["Synchronous Resolver"], "product": "Recursor", "versions": [{"status": "affected", "version": "5.3.0", "lessThan": "5.3.5", "versionType": "semver"}, {"status": "affected", "version": "5.2.0", "lessThan": "5.2.8", "versionType": "semver"}, {"status": "affected", "version": "5.1.0", "lessThan": "5.1.10", "versionType": "semver"}], "packageName": "pdns-recursor", "programFiles": ["syncres.cc"], "collectionURL": "https://repo.powerdns.com/", "defaultStatus": "unaffected"}], "datePublic": "2026-02-09T13:47:00.000Z", "references": [{"url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Crafted zones can lead to increased incoming network traffic.", "supportingMedia": [{"type": "text/html", "value": "<p>Crafted zones can lead to increased incoming network traffic.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "Insufficient Control of Network Message Volume (Network Amplification)"}]}], "providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2026-02-09T14:25:24.209Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24027", "state": "PUBLISHED", "dateUpdated": "2026-02-09T16:19:23.339Z", "dateReserved": "2026-01-20T14:56:25.872Z", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "datePublished": "2026-02-09T14:25:24.209Z", "assignerShortName": "OX"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCD53D74-E38B-4113-A5FD-880E7EA4EFA3", "versionEndExcluding": "5.1.10", "versionStartIncluding": "5.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A9BDC0A-EA2A-4FAA-9E2B-8DDC3730FCBC", "versionEndExcluding": "5.2.8", "versionStartIncluding": "5.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE3FB5B9-EB60-473D-9C9D-39787C08BA1B", "versionEndExcluding": "5.3.5", "versionStartIncluding": "5.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Crafted zones can lead to increased incoming network traffic."}, {"lang": "es", "value": "Zonas elaboradas pueden llevar a un aumento del tr\u00e1fico de red entrante."}], "id": "CVE-2026-24027", "lastModified": "2026-04-20T14:55:39.140", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@open-xchange.com", "type": "Secondary"}]}, "published": "2026-02-09T15:16:11.587", "references": [{"source": "security@open-xchange.com", "tags": ["Vendor Advisory"], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html"}], "sourceIdentifier": "security@open-xchange.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-294"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.3.0,5.3.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.2.0,5.2.8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.1.0,5.1.10)"}}], "product": "recursor", "vendor": "powerdns"}], "analysis": {"en": {"generated_at": "2026-04-20T18:50:13.252890+00:00", "value": {"mitigation_remediation": ["Update PowerDNS Recursor to the latest version that contains the fix for the zone handling flaw", "Configure the recursor to limit query rates or restrict zone referrals to trusted clients", "Implement network\u2011level rate limiting or firewall rules to mitigate traffic spikes from malicious zone queries"], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the PowerDNS Recursor product. No specific version information is provided in the CNA data, so all installations of PowerDNS Recursor remain potentially impacted until a patch is applied.", "description_and_impact": "CVE-2026-24027 exploits a flaw in PowerDNS Recursor where specially crafted zone data can cause the service to process an unusually high volume of queries. The result is an escalation of incoming network traffic that can overwhelm the recursor, compromising its availability. The weakness falls under improper resource consumption, aligned with CWE\u2011294.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a moderate severity, while the EPSS score of less than 1% suggests that exploitation is unlikely to be common. The vulnerability is not listed in the CISA KEV catalog. Attackers could remotely trigger the effect by sending crafted zone queries over the network, making the attack vector remote and external. The overall risk is moderate, primarily due to the availability impact and the low probability of exploitation."}}}}, "created": "2026-02-10T11:35:32.027387+00:00", "updated": "2026-04-20T19:00:10.678849+00:00", "vendors": ["powerdns", "powerdns$PRODUCT$recursor"]}