Github.com/coredns/coredns
This hub aggregates every CVE we track for Github.com/coredns/coredns, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
7
High
0
In CISA KEV
Severity distribution
HIGH7MEDIUM3
Monthly trend
0
0
2
0
0
0
0
0
0
0
0
1
0
0
1
0
0
0
1
0
2
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Github.com/coredns/coredns.
- CVE-2026-26017CoreDNS ACL Bypass7.7
- CVE-2026-26018CoreDNS Loop Detection Denial of Service Vulnerability7.5
- CVE-2025-68151CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages7.5
- CVE-2025-58063CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion7.1
- CVE-2025-47950CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification7.5
- CVE-2023-30464CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.7.5
- CVE-2023-28452An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal...7.5
- CVE-2024-0874Coredns: cd bit response is cached and served later5.3
- CVE-2022-2837A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match...6.1
- CVE-2022-2835A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of <service>.<namespace>.svc.4.4
Product normalization is registry-driven with AI assist and human review. How it works