{
  "threat_severity" : "Important",
  "public_date" : "2026-03-06T15:36:15Z",
  "bugzilla" : {
    "description" : "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw",
    "id" : "2445244",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2445244"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.7",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-367",
  "details" : [ "CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.", "A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as 'acl', are evaluated before the 'rewrite' plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.15",
    "release_date" : "2026-04-14T00:00:00Z",
    "advisory" : "RHSA-2026:8151",
    "cpe" : "cpe:/a:redhat:acm:2.15::el9",
    "package" : "rhacm2/lighthouse-coredns-rhel9:1774086225"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Affected",
    "package_name" : "rhacm2/lighthouse-agent-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Connectivity Link 1",
    "fix_state" : "Affected",
    "package_name" : "rhcl-1/coredns-rhel9",
    "cpe" : "cpe:/a:redhat:connectivity_link:1"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-coredns-rhel9",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-26017\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-26017\nhttps://github.com/coredns/coredns/releases/tag/v1.14.2\nhttps://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr" ],
  "name" : "CVE-2026-26017",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}