CVE-2025-59023

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:P

Name of the Vulnerable Software and Affected Versions PowerDNS Recursor versions prior to 5.2.6-0+deb13u1

Description Insufficient validation of delegation information could lead to cache pollution in PowerDNS Recursor, a resolving name server. Updates will not be backported to the version of PDNS recursor in the oldstable distribution (bookworm).

Recommendations Upgrade pdns-recursor packages to version 5.2.6-0+deb13u1. For affected setups, an update to Debian stable/trixie is recommended.

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-294

Related Identifiers

BDU:2026-00247

CVE-2025-59023

DSA-6045-1

Affected Products

Debian

Powerdns Recursor

Red Os

Pdns-Recursor

CVE-2025-59023

Weakness Enumeration

Related Identifiers

Affected Products

References · 24