CVE-2026-54588 - Critical OIDC/SAML redirect_uri poisoning in Poweradmin. Unauthenticated attacker can steal auth codes via HTTP_HOST header injection. CVSS 9.6. No patch available. Disable OIDC/SAML until fixed. #CVE #infosec #Poweradmin

https://www.valtersit.com/cve/CVE-2026-54588/

CVE-2026-54588 | Poweradmin | Valters IT Hub

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request he...
