CoreDNS: Mehrere Schwachstellen ermöglichen
Multiple vulnerabilities have been identified in CoreDNS, a DNS server, as reported by the Bundesamt für Sicherheit in der Informationstechnik under CVE-2026-33190 and related CVEs. The advisory references Red Hat's security update for Submariner, a Kubernetes operator related to cross-cluster connectivity, which includes fixes for several CVEs including some listed here. No specific technical details or exploitation methods are provided. The affected version is listed as '=azl3', but this version identifier is non-standard and not further clarified. No CVSS score is available for these vulnerabilities.
AI Analysis
Technical Summary
This security advisory concerns multiple vulnerabilities in CoreDNS, identified by CVE-2026-33190 and four additional CVEs (CVE-2026-33489, CVE-2026-35579, CVE-2026-32934, CVE-2026-32936). The advisory is published by the Bundesamt für Sicherheit in der Informationstechnik and references a Red Hat security advisory (RHSA-2026:25127) that addresses related issues in the Submariner Kubernetes operator. Submariner enables cross-cluster networking for Kubernetes pods and services. The Red Hat advisory rates the security impact as Important and provides fixes in Red Hat Advanced Cluster Management for Kubernetes version 2.14. The vendor advisory does not explicitly confirm patch availability for CoreDNS itself but indicates fixes in related Kubernetes components. The affected version stated is '=azl3'. No CVSS score is provided.
Potential Impact
The vulnerabilities affect CoreDNS and potentially related Kubernetes components that enable cross-cluster service connectivity. The Red Hat advisory rates the impact as Important, indicating a significant security concern. However, no known exploits in the wild are reported. The exact impact on confidentiality, integrity, or availability is not detailed in the provided data.
Mitigation Recommendations
The Red Hat advisory RHSA-2026:25127 provides security fixes in Red Hat Advanced Cluster Management for Kubernetes version 2.14, which addresses these vulnerabilities in the context of Submariner. Users should apply the updates as per the Red Hat advisory. No explicit patch or remediation guidance is provided for CoreDNS version '=azl3' in the input data. Patch status for CoreDNS itself is not yet confirmed—check the vendor advisory for current remediation guidance.
CoreDNS: Mehrere Schwachstellen ermöglichen
Description
Multiple vulnerabilities have been identified in CoreDNS, a DNS server, as reported by the Bundesamt für Sicherheit in der Informationstechnik under CVE-2026-33190 and related CVEs. The advisory references Red Hat's security update for Submariner, a Kubernetes operator related to cross-cluster connectivity, which includes fixes for several CVEs including some listed here. No specific technical details or exploitation methods are provided. The affected version is listed as '=azl3', but this version identifier is non-standard and not further clarified. No CVSS score is available for these vulnerabilities.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This security advisory concerns multiple vulnerabilities in CoreDNS, identified by CVE-2026-33190 and four additional CVEs (CVE-2026-33489, CVE-2026-35579, CVE-2026-32934, CVE-2026-32936). The advisory is published by the Bundesamt für Sicherheit in der Informationstechnik and references a Red Hat security advisory (RHSA-2026:25127) that addresses related issues in the Submariner Kubernetes operator. Submariner enables cross-cluster networking for Kubernetes pods and services. The Red Hat advisory rates the security impact as Important and provides fixes in Red Hat Advanced Cluster Management for Kubernetes version 2.14. The vendor advisory does not explicitly confirm patch availability for CoreDNS itself but indicates fixes in related Kubernetes components. The affected version stated is '=azl3'. No CVSS score is provided.
Potential Impact
The vulnerabilities affect CoreDNS and potentially related Kubernetes components that enable cross-cluster service connectivity. The Red Hat advisory rates the impact as Important, indicating a significant security concern. However, no known exploits in the wild are reported. The exact impact on confidentiality, integrity, or availability is not detailed in the provided data.
Mitigation Recommendations
The Red Hat advisory RHSA-2026:25127 provides security fixes in Red Hat Advanced Cluster Management for Kubernetes version 2.14, which addresses these vulnerabilities in the context of Submariner. Users should apply the updates as per the Red Hat advisory. No explicit patch or remediation guidance is provided for CoreDNS version '=azl3' in the input data. Patch status for CoreDNS itself is not yet confirmed—check the vendor advisory for current remediation guidance.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2026-1283
- Cve Count
- 5
- Additional Cves
- ["CVE-2026-33489","CVE-2026-35579","CVE-2026-32934","CVE-2026-32936"]
- Cvss Version
- null
Threat ID: 6a46ed1b27e9c79719447d5c
Added to database: 07/02/2026, 22:58:35 UTC
Last enriched: 07/02/2026, 23:39:29 UTC
Last updated: 07/03/2026, 03:12:30 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.