Primary

Context

PowerDNS Recursor Cached Delegation Poisoning Vulnerability

Vulnerability

Patched

A vulnerability exists in PowerDNS Recursor versions through 5.1.7, 5.2.5, and 5.3.0, allowing crafted delegations or IP fragments to poison the cache by disrupting the delegation information validation process. This cache pollution can be exploited by spoofing packets to inject malicious delegation data, leading to improper caching behavior.

Impact

Exploitation of this vulnerability causes cache pollution, where maliciously crafted delegation information is accepted and stored, potentially disrupting normal DNS resolution processes.

Remediation

Users are advised to upgrade to PowerDNS Recursor versions 5.1.8, 5.2.6, or 5.3.1, all of which include the necessary patches to address this vulnerability.

Added: Feb 9, 2026, 3:21 PM

Updated: Feb 9, 2026, 4:13 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

6.6

remediation

7.7

relevance

2.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

6.6

remediation

7.7

relevance

2.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PowerDNS Recursor Cached Delegation Poisoning Vulnerability

Vulnerability

Impact

Remediation

Affected Products

PowerDNS Recursor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating