CVE-2026-43510

Summary

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.

Affected Software

VendorProductVersion RangeStatus
CISAmanage.get.gov1.92.0 < 1.176.0affected
CISAmanage.get.gov1.176.0unaffected

Weaknesses

  • CWE-266: CWE-266 Incorrect Privilege Assignment

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References