{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-14T06:00:04.719","vulnerabilities":[{"cve":{"id":"CVE-2026-26952","sourceIdentifier":"security-advisories@github.com","published":"2026-02-19T23:16:26.243","lastModified":"2026-03-12T16:33:01.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allows an authenticated administrator to inject code that is stored in the Pi-hole configuration and rendered every time the DNS records table is viewed. The populateDataTable() function contains a data variable with the full DNS record value exactly as entered by the user and returned by the API. This value is inserted directly into the data-tag HTML attribute without any escaping or sanitization of special characters. When an attacker supplies a value containing double quotes (\"), they can prematurely “close” the data-tag attribute and inject additional HTML attributes into the element. Since Pi-hole implements a Content Security Policy (CSP) that blocks inline JavaScript, the impact is limited. This issue has been fixed in version 6.4.1."},{"lang":"es","value":"La Interfaz de administración de Pi-hole es una interfaz web para gestionar Pi-hole, una aplicación de bloqueo de anuncios y rastreadores de internet a nivel de red. Las versiones 6.4 e inferiores son vulnerables a la inyección de HTML almacenado a través de la página de configuración de registros DNS locales, lo que permite a un administrador autenticado inyectar código que se almacena en la configuración de Pi-hole y se renderiza cada vez que se visualiza la tabla de registros DNS. La función populateDataTable() contiene una variable de datos con el valor completo del registro DNS exactamente como lo introdujo el usuario y devuelto por la API. Este valor se inserta directamente en el atributo HTML data-tag sin ningún escape o sanitización de caracteres especiales. Cuando un atacante proporciona un valor que contiene comillas dobles (\"), pueden 'cerrar' prematuramente el atributo data-tag e inyectar atributos HTML adicionales en el elemento. Dado que Pi-hole implementa una Política de Seguridad de Contenido (CSP) que bloquea JavaScript en línea, el impacto es limitado. Este problema ha sido solucionado en la versión 6.4.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-116"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pi-hole:web_interface:*:*:*:*:*:*:*:*","versionEndExcluding":"6.4.1","matchCriteriaId":"0BC7CDAC-AB62-4F32-B3C5-34AC7EE1953F"}]}]}],"references":[{"url":"https://github.com/pi-hole/web/commit/d328f143718022d82dc94c8751121ca41be3b996","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/pi-hole/web/releases/tag/v6.4.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/pi-hole/web/security/advisories/GHSA-6xp4-jw73-f4qp","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}}]}