CVE Catalog
CVE-2026-42387
MediumCVSS 5.9Summary
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insufficient input validation.
Risk Assessment
An attacker can cause the recursive server to crash, leading to denial of DNS services for users.
Recommendation
Update the Recursor software to the latest version that includes fixes for input validation in the ZoneToCache function.
Original NVD description (English source)
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.

