github.com/coredns/coredns (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/coredns/coredns, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (15)
CVE-2026-35579 — CVSS 9.8 (critical): CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly…
CVE-2026-26017 — CVSS 7.7 (high): CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be…
CVE-2023-30464 — CVSS 7.5 (high): CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.
CVE-2025-47950 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS) vulnerability exists in the CoreDNS…
CVE-2025-68151 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. Prior to version 1.14.0, multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3)…
CVE-2023-28452 — CVSS 7.5 (high): An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore…
CVE-2026-32934 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-QUIC (DoQ) server can be driven into unbounded…
CVE-2026-32936 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query…
CVE-2026-33190 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports (DoT…
CVE-2026-33489 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a…
CVE-2026-26018 — CVSS 7.5 (high): CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection…
CVE-2025-58063 — CVSS 7.1 (high): CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version 1.12.4, the CoreDNS etcd plugin contains a TTL…
CVE-2022-2837 — CVSS 6.1 (medium): A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod…
CVE-2024-0874 — CVSS 5.3 (medium): A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2022-2835 — CVSS 4.4 (medium): A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by…