What is CVE-2026-52690?

CVE-2026-52690 is a medium-severity vulnerability in Powerdns Recursor, classified under Authentication Bypass by Spoofing. CVSS score: 5.9/10. Published 2026-06-25.

How severe is CVE-2026-52690?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Powerdns Recursor

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Powerdns Recursor — versions 5.2.0, 5.3.0, 5.4.0

Weakness classification (CWE)

CWE-290 — Authentication Bypass by Spoofing

References

security@open-xchange.com

Frequently asked questions

What is CVE-2026-52690?: CVE-2026-52690 is a medium-severity vulnerability in Powerdns Recursor, classified under Authentication Bypass by Spoofing. CVSS score: 5.9/10. Published 2026-06-25.
How severe is CVE-2026-52690?: Medium severity. CVSS v3 base score is 5.9 out of 10.