CVE-2026-25518

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-25518
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-25518.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-25518
Aliases
Downstream
Related
Published
2026-02-04T21:18:06.681Z
Modified
2026-02-06T21:36:40.708457Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
cert-manager-controller DoS via Specially Crafted DNS Response
Details

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS lookups during ACME DNS-01 processing (for zone discovery and propagation self-checks). By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a crafted entry into cert-manager's DNS cache. Accessing this entry will trigger a panic, resulting in denial‑of‑service (DoS) of the cert-manager controller. The issue can also be exploited if the authoritative DNS server for the domain being validated is controlled by a malicious actor. This issue has been patched in versions 1.18.5 and 1.19.3.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25518.json",
    "cwe_ids": [
        "CWE-129",
        "CWE-704"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/cert-manager/cert-manager

Affected ranges

Type
GIT
Repo
https://github.com/cert-manager/cert-manager
Events
Introduced
83dae3ef37f50973c0f3b3a818fc7d1b35fff341
Fixed
9a73a0b3853035827edd37ac463e4803ba10327d
Database specific 
{
    "versions": [
        {
            "introduced": "1.18.0"
        },
        {
            "fixed": "1.18.5"
        }
    ]
}
Type
GIT
Repo
https://github.com/cert-manager/cert-manager
Events
Introduced
12a3ef97916bf5c1bea55740caab49e93e2b6d54
Fixed
d4faed26ae12115cceb807cdc12507ebc28980e2
Database specific 
{
    "versions": [
        {
            "introduced": "1.19.0"
        },
        {
            "fixed": "1.19.3"
        }
    ]
}

Affected versions

v1.*
v1.18.0
v1.18.1
v1.18.2
v1.18.3
v1.18.4
v1.19.0
v1.19.1
v1.19.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-25518.json"