6.3
CoreDNS: Bypassing DNS Access Controls with Older Versions
CVE-2026-26017
GHSA-c9v3-4pv7-87pr
Summary
If you run a CoreDNS version older than 1.14.2, an attacker may be able to bypass DNS access controls. The cause is a flaw in the default order in which CoreDNS executes its plugins. To fix this, update to version 1.14.2 or later.
What to do
- Update CoreDNS (github.com/coredns/coredns) to version 1.14.2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| github.com | coredns | <= 1.14.2 | 1.14.2 |
| coredns | github.com/coredns/coredns | <= 1.14.2 | 1.14.2 |
| coredns.io | coredns | <= 1.14.2 | – |
Original title
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Sec...
Original description
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.
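The check-before-rewrite ordering described above can be seen in a simplified model of a plugin chain. This is an added example, not CoreDNS code and not taken from the advisory; the types, function names and the `example.` zones are hypothetical, and the access check is reduced to a suffix match.

```go
package main

import (
	"fmt"
	"strings"
)

// Simplified model of a plugin chain (hypothetical names, not CoreDNS code).
type query struct{ name string }

// A plugin returns false to refuse the query.
type plugin func(q *query) bool

// aclBlock refuses names under zone: the "check" step.
func aclBlock(zone string) plugin {
	return func(q *query) bool { return !strings.HasSuffix(q.name, zone) }
}

// rewriteSuffix swaps one name suffix for another, changing what is "used".
func rewriteSuffix(from, to string) plugin {
	return func(q *query) bool {
		if strings.HasSuffix(q.name, from) {
			q.name = strings.TrimSuffix(q.name, from) + to
		}
		return true
	}
}

// resolve runs the chain in order and reports the name that reaches the
// backend and whether every plugin allowed it.
func resolve(chain []plugin, name string) (string, bool) {
	q := &query{name: name}
	for _, p := range chain {
		if !p(q) {
			return q.name, false
		}
	}
	return q.name, true
}

func main() {
	acl := aclBlock(".internal.example.") // constructed restricted zone
	rw := rewriteSuffix(".alias.example.", ".internal.example.")
	in := "db.alias.example." // constructed query name
	n, ok := resolve([]plugin{acl, rw}, in)
	fmt.Printf("check then rewrite: %s allowed=%v\n", n, ok)
	n, ok = resolve([]plugin{rw, acl}, in)
	fmt.Printf("rewrite then check: %s allowed=%v\n", n, ok)
}
```

With the check first, the access decision is made on a name that is no longer the one answered; with the check last, it is made on the final name.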
nvd CVSS3.1
7.7
Vulnerability type
CWE-367
Published: 6 Mar 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026