CVE-2026-33489 | CoreDNS up to 1.14.2 transfer.go longestMatch authorization

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in CoreDNS up to 1.14.2. It has been classified as problematic. This issue affects the function longestMatch of the file plugin/transfer/transfer.go. Performing a manipulation results in incorrect authorization.

This vulnerability was named CVE-2026-33489. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-33489 | CoreDNS up to 1.14.2 transfer.go longestMatch authorization

Post correlati

CVE-2018-9474 | Google Android 7/8/8.1/9 MediaPlayer.java writeToParcel deserialization

CVE-2025-5933 | RD Contacto Plugin up to 1.4 on WordPress Setting rdWappUpdateData cross-site request forgery

CVE-2024-10522 | seb-emendo Co-marquage service-public.fr Plugin up to 0.5.76 on WordPress add_query_arg cross site scripting

CVE-2020-7760 | Oracle Utilties Application Framework 4.3.0.3.0/4.3.0.6.0/4.4.0.0.0/4.4.0.2.0/4.4.0.3.0 User Interface denial of service