CVE-2026-41999

🔶 medium

🔍 Scan for this CVE

Incorrect Behaviour of Views with TCP PROXY Requests

CVSS Score

4.8

Medium

EPSS Score

0.0

Published Date

2026-05-21

First Seen: 2026-05-22

This CVE is Lower Risk - more severe than 13.8% of all 328,009 vulnerabilities in our database.

#282,765

Below average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

🏆 Discovered By

Zwique

SSVC data provided by CISA

Last Modified 2026-05-26

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE IDs (Weakness Types)

CWE-284

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
powerdns	authoritative	Affected	> 5.0.0 < 5.0.5

Broken Link

CVE ID	Severity	CVSS	Summary	Published
CVE-2026-42000	🔶 medium	6.8	Insufficient Validation of Names During AXFR	2026-05-21
CVE-2026-42001	⚠️ high	7.5	Insufficient Validation of Autoprimary SOA Queries	2026-05-21
CVE-2026-42002	🔶 medium	5.9	Concurrency and locking defects in GSS-TSIG	2026-05-21
CVE-2026-42396	🔶 medium	4.9	Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail	2026-05-21
CVE-2026-33608	⚠️ high	7.4	An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes sai...	2026-04-22
CVE-2026-33609	🔶 medium	5.3	Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domai...	2026-04-22

These CVEs affect the same products