CVE Catalog

CVE-2026-42389

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.

Risk Assessment

Without this validation, an attacker could inject forged DNS responses, leading to traffic hijacking or man-in-the-middle attacks.

Recommendation

It is recommended to immediately update to the latest version of the 5.4.x branch that includes this fix.

Original NVD description (English source)

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS