PT-2026-23721 · Coredns · Coredns

Younevsky · Published 2026-03-06 · Updated 2026-05-21 · CVE-2026-26017

CVSS v3.1: 7.7 High

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

CoreDNS versions prior to 1.14.2

Description

CoreDNS is a DNS server that utilizes a chain of plugins. A flaw in the default plugin execution order allows bypassing of DNS access controls. Specifically, security plugins like acl are evaluated before the rewrite plugin, creating a Time-of-Check Time-of-Use (TOCTOU) condition. This allows unauthorized DNS access.

Recommendations

Update to version 1.14.2 or later.
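
A simplified model of the ordering problem in the description, added here as an illustration; it is not CoreDNS code, and the `Query` and `Plugin` types, the zone names and both rules are constructed for the example. It runs one query through a name-based check placed before a rewrite, then through the same two handlers with the check applied to the final name.

```go
package main

import (
	"fmt"
	"strings"
)

// Query is a constructed stand-in for a DNS request; only the name matters here.
type Query struct{ Name string }

// Plugin is a hypothetical handler: it may mutate the query and returns false to refuse it.
type Plugin func(q *Query) bool

// aclBlock refuses any query whose current name falls under the given zone.
func aclBlock(zone string) Plugin {
	return func(q *Query) bool { return !strings.HasSuffix(q.Name, zone) }
}

// rewriteSuffix replaces a trailing "from" with "to", modelling a name rewrite rule.
func rewriteSuffix(from, to string) Plugin {
	return func(q *Query) bool {
		if strings.HasSuffix(q.Name, from) {
			q.Name = strings.TrimSuffix(q.Name, from) + to
		}
		return true
	}
}

// Resolve runs the chain in order and returns the final name and whether it was allowed.
func Resolve(name string, chain []Plugin) (string, bool) {
	q := &Query{Name: name}
	for _, p := range chain {
		if !p(q) {
			return q.Name, false
		}
	}
	return q.Name, true
}

func main() {
	acl := aclBlock("internal.example.")
	rw := rewriteSuffix("alias.example.", "internal.example.")
	before, okBefore := Resolve("db.alias.example.", []Plugin{acl, rw})
	after, okAfter := Resolve("db.alias.example.", []Plugin{rw, acl})
	fmt.Printf("check then rewrite: final=%s allowed=%v\n", before, okBefore)
	fmt.Printf("rewrite then check: final=%s allowed=%v\n", after, okAfter)
}
```

In the first ordering the check sees only the name as received, so the decision no longer matches the name that is actually answered; that gap between check and use is the TOCTOU condition.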

Exploit

Fix

Time Of Check To Time Of Use


Weakness Enumeration

Related Identifiers

AZL-79497
AZL-79526
CLEANSTART-2026-VJ54611
CVE-2026-26017
GHSA-C9V3-4PV7-87PR
GO-2026-4630
OPENSUSE-SU-2026:10297-1
OPENSUSE-SU-2026:20619-1
SUSE-SU-2026:1042-1

Affected Products

Coredns