CVE Catalog

CVE-2026-42390

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.

Risk Assessment

The organization may accept and cache invalid DNS zone data, potentially leading to cache poisoning and man-in-the-middle attacks.

Recommendation

It is recommended to disable ZONEMD validation in the ZoneToCache configuration until a patch is released or apply temporary zone filtering rules.

Original NVD description (English source)

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS