PowerDNS — Cyber Threats, Attacks & Incidents

Threat entity extracted from intelligence sources

Frequency
3
occurrences
First Seen
May 20, 2026
Last Seen
June 25, 2026

PowerDNS is a technology platform tracked across 3 threat clusters and 3 intelligence report mentions on ThreatCluster. First observed May 20, 2026; most recent activity June 25, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • CVE-2026-54588: Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction. [CRITICAL] CVSS 9.6 Exploit Intelligence — Recent CVEs / 23h Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthe — exploit-intel.com · June 25, 2026
  • DNS Response Policy Zones | Free (DNS Firewall) — www.spamhaus.com · June 15, 2026
  • Debian Trixie PowerDNS Denial of Service Info Disclosure Vuln DSA-6284 — Linuxsecurity · May 20, 2026

CVSS v3.1 Breakdown