These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-42396 is a medium-severity availability issue in DNS catalog zone handling. Based on the public CVE metadata, insufficient validation of member zone data may cause a catalog zone transfer to fail. NVD references a PowerDNS security advisory, but the supplied corpus does not provide enough detail to confirm product scope beyond that pointer.
CVE-2026-42002 is a medium-severity vulnerability description centered on concurrency and locking defects in GSS-TSIG. The available record indicates a network-reachable issue with high attack complexity and an availability impact only, which points to denial-of-service risk rather than confidentiality or integrity compromise. NVD shows the record as "Received" and references a PowerDNS security advisory, [truncated]
CVE-2026-42000 is a medium-severity DNS vulnerability described as insufficient validation of names during AXFR, the zone-transfer process used by authoritative DNS servers. The available corpus points to a PowerDNS security advisory, but the vendor mapping in the source data is still low-confidence and should be treated as provisional.
CVE-2026-41999 was published on 2026-05-21 and describes incorrect behavior of views when handling TCP PROXY requests. The available corpus is limited, but the NVD record links to an official PowerDNS advisory, so PowerDNS appears to be the likely affected project while the vendor attribution remains low confidence. The NVD-assigned CVSS vector indicates network exposure with low confidentiality and integ [truncated]