{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33609", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "state": "PUBLISHED", "assignerShortName": "OX", "dateReserved": "2026-03-23T12:58:38.267Z", "datePublished": "2026-04-22T14:00:33.702Z", "dateUpdated": "2026-04-22T14:27:42.585Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2026-04-22T14:00:33.702Z"}, "title": "LDAP DN injection", "datePublic": "2026-04-08T22:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')", "type": "CWE"}]}], "affected": [{"vendor": "PowerDNS", "product": "Authoritative", "collectionURL": "https://repo.powerdns.com/", "packageName": "pdns", "repo": "https://github.com/PowerDNS/pdns", "modules": ["LDAP backend"], "programFiles": ["powerldap.cc"], "versions": [{"status": "affected", "version": "5.0.0", "lessThan": "5.0.4", "versionType": "semver"}, {"status": "affected", "version": "4.9.0", "lessThan": "4.9.14", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.</p>"}]}], "references": [{"url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "credits": [{"lang": "en", "value": "ylwango613", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-90", "lang": "en", "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T14:26:43.179728Z", "id": "CVE-2026-33609", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T14:27:42.585Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33609", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-22T14:26:43.179728Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-90", "description": "CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T14:26:50.796Z"}}], "cna": {"title": "LDAP DN injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "ylwango613"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/PowerDNS/pdns", "vendor": "PowerDNS", "modules": ["LDAP backend"], "product": "Authoritative", "versions": [{"status": "affected", "version": "5.0.0", "lessThan": "5.0.4", "versionType": "semver"}, {"status": "affected", "version": "4.9.0", "lessThan": "4.9.14", "versionType": "semver"}], "packageName": "pdns", "programFiles": ["powerldap.cc"], "collectionURL": "https://repo.powerdns.com/", "defaultStatus": "unaffected"}], "datePublic": "2026-04-08T22:00:00.000Z", "references": [{"url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.", "supportingMedia": [{"type": "text/html", "value": "<p>Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')"}]}], "providerMetadata": {"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "shortName": "OX", "dateUpdated": "2026-04-22T14:00:33.702Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33609", "state": "PUBLISHED", "dateUpdated": "2026-04-22T14:27:42.585Z", "dateReserved": "2026-03-23T12:58:38.267Z", "assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981", "datePublished": "2026-04-22T14:00:33.702Z", "assignerShortName": "OX"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", "matchCriteriaId": "08464BC2-733F-4260-878D-DE05919A7A7D", "versionEndExcluding": "4.9.14", "versionStartIncluding": "4.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", "matchCriteriaId": "A26C526E-15DC-41BE-9B66-FC6A63679562", "versionEndExcluding": "5.0.4", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees."}], "id": "CVE-2026-33609", "lastModified": "2026-04-24T18:52:54.457", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "security@open-xchange.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-22T14:16:54.770", "references": [{"source": "security@open-xchange.com", "tags": ["Broken Link", "Vendor Advisory"], "url": "https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html"}], "sourceIdentifier": "security@open-xchange.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-90"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.0.0,5.0.4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.9.0,4.9.14)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Authoritative", "source": "cna", "vendor": "PowerDNS"}, "product": "authoritative", "vendor": "powerdns"}], "analysis": {"en": {"generated_at": "2026-04-22T18:31:49.989387+00:00", "value": {"mitigation_remediation": ["Disable the 8bit\u2011dns feature if it is not required for your deployment.", "Check the PowerDNS vendor site for patch releases or newer versions that fix the escaping issue and apply the update.", "Monitor LDAP query logs and network traffic for abnormal directory access patterns, and apply network segmentation to limit exposure of the LDAP service."], "summary": {"action": "Assess Impact", "impact": "Potential Internal Data Disclosure"}, "threat_synthesis": {"affected_systems": "PowerDNS Authoritative software is affected. The CVE statement does not list precise version numbers, so any installation of PowerDNS Authoritative with 8bit\u2011dns enabled is potentially vulnerable.", "description_and_impact": "The flaw is an LDAP Distinguished Name injection caused by incomplete escaping of LDAP queries when the server is configured with 8bit-dns enabled. An attacker can craft DNS requests that manipulate the LDAP query string and retrieve information from internal domain subtrees that would normally be inaccessible. The result is unintended disclosure of directory data, compromising confidentiality. This weakness is classified as CWE\u201190.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, and no EPSS score is currently available. The vulnerability is not listed in the CISA KEV catalog, suggesting no known widespread exploitation yet. Exploitation requires the target to be reachable and running with 8bit\u2011dns enabled; an attacker can send crafted DNS queries over the network to trigger the injection and read internal LDAP data."}}}}, "created": "2026-04-22T18:45:24.007873+00:00", "updated": "2026-04-22T19:00:07.807369+00:00", "vendors": ["powerdns", "powerdns$PRODUCT$authoritative"]}