CVE Catalog
CVE-2026-42390
MediumCVSS 5.3Summary
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.
Risk Assessment
The organization may accept and cache invalid DNS zone data, potentially leading to cache poisoning and man-in-the-middle attacks.
Recommendation
It is recommended to disable ZONEMD validation in the ZoneToCache configuration until a patch is released or apply temporary zone filtering rules.
Original NVD description (English source)
An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.

