CVE Catalog

CVE-2026-43510

MediumCVSS 5.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

26th percentile - higher than 26% of all known CVEs

Summary

manage.get.gov is the .gov TLD registrar maintained by CISA, allowing an organization administrator to assign domain manager privileges for domains not already in another organization.

Risk Assessment

Lack of proper security in privilege assignment may lead to unauthorized access to domains, posing a risk to the organization.

Recommendation

It is recommended to upgrade to version 1.176.0 or later to mitigate this vulnerability.

Original NVD description (English source)

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS