CVE-2026-33489 | CoreDNS up to 1.14.2 transfer.go longestMatch authorization

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in CoreDNS up to 1.14.2. It has been classified as problematic. This issue affects the function longestMatch of the file plugin/transfer/transfer.go. Performing a manipulation results in incorrect authorization.

This vulnerability was named CVE-2026-33489. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-33489 | CoreDNS up to 1.14.2 transfer.go longestMatch authorization

Post correlati

CVE-2026-7094 | ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78 puppeteer_navigate src/puppeteer/index.ts url server-side request forgery

CVE-2026-7689 | Dolibarr ERP CRM up to 23.0.2 Online Signature security.lib.php dol_verifyHash signature verification

CVE-2023-42949 | Apple iOS/iPadOS Temporary Directory access control

CVE-2024-38486 | Dell SmartFabric OS10 Software up to 10.5.5.10/10.5.6.x command injection (dsa-2024-376)