A vulnerability was found in CoreDNS up to 1.14.4. It has been classified as critical. Affected by this vulnerability is the function
IsEdns0 of the file plugin/rewrite/edns0.go of the component Rewrite Plugin. The manipulation leads to null pointer dereference.
This vulnerability is listed as CVE-2026-62299. The attack may be initiated remotely. There is no available exploit.