Vulnerability Description
manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/cisagov/manage.get.gov/issues/4858
- https://github.com/cisagov/manage.get.gov/pull/4900
- https://github.com/cisagov/manage.get.gov/releases/tag/v1.176.0
- https://github.com/cisagov/manage.get.gov/security/advisories/GHSA-6wrg-x3j6-x46
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/
- https://www.cve.org/CVERecord?id=CVE-2026-43510
FAQ
What is CVE-2026-43510?
CVE-2026-43510 is a vulnerability with a CVSS score of 7.6 (HIGH). manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fi...
How severe is CVE-2026-43510?
CVE-2026-43510 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43510?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.