A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate updates.
This vulnerability, tracked as CVE-2025-58063, stems from incorrect handling of etcd lease IDs. It affects every CoreDNS release from version 1.2.0 onward and was patched in version 1.12.4, according to the researcher's report on GitHub.
Security teams should update without delay and review TTL settings to prevent long-term cache poisoning.
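The following is an added illustration, not CoreDNS's own code: a TTL helper in the flawed shape (the etcd lease ID, a 64-bit identifier attached to the key, is truncated and used as if it were a TTL in seconds, which yields decades-long TTLs) next to a hardened form that asks etcd for the lease's actual remaining lifetime and clamps the result. The `leaseTTL` type, `fakeEtcd` stand-in, `maxTTL` ceiling and the sample lease ID are assumptions made for the example.

```go
package main

import "context"

// leaseTTL reports the seconds a lease has left and whether it exists. In CoreDNS this
// would wrap the etcd v3 client's Lease.TimeToLive call, which this example does not import.
type leaseTTL func(ctx context.Context, leaseID int64) (remaining int64, ok bool)

// fakeEtcd is a constructed stand-in mapping lease ID -> seconds remaining.
func fakeEtcd(leases map[int64]int64) leaseTTL {
	return func(_ context.Context, id int64) (int64, bool) {
		remaining, ok := leases[id]
		return remaining, ok
	}
}

const defaultTTL, maxTTL uint32 = 300, 86400 // maxTTL: one-day ceiling (assumption)

// vulnerableTTL mirrors the flaw: the 64-bit lease *identifier* is truncated and used as a TTL in seconds.
func vulnerableTTL(leaseID int64, serviceTTL uint32) uint32 {
	etcdTTL := uint32(leaseID)
	if etcdTTL == 0 && serviceTTL == 0 {
		return defaultTTL
	}
	if etcdTTL == 0 || (serviceTTL != 0 && serviceTTL < etcdTTL) {
		return serviceTTL
	}
	return etcdTTL
}

// hardenedTTL uses the lease's real remaining lifetime, takes the smaller of it and the service TTL, and clamps.
func hardenedTTL(ctx context.Context, ttlOf leaseTTL, leaseID int64, serviceTTL uint32) uint32 {
	ttl := int64(serviceTTL)
	if leaseID != 0 {
		remaining, ok := ttlOf(ctx, leaseID)
		if !ok || remaining <= 0 {
			return 0 // unknown or expired lease: do not let resolvers cache the record
		}
		if ttl == 0 || remaining < ttl {
			ttl = remaining
		}
	}
	if ttl == 0 {
		ttl = int64(defaultTTL)
	}
	if ttl > int64(maxTTL) {
		ttl = int64(maxTTL)
	}
	return uint32(ttl)
}
```

With a constructed lease ID such as 0x694d7a4f3e2c1b0a, the flawed helper returns its low 32 bits, roughly 33 years in seconds, while the hardened helper returns the lease's true remaining time.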
https://gbhackers.com/coredns-vulnerability-2/