Bubba AI, Inc. 2261 Market Street, San Francisco, California, 94114 Finding Title: Missing DNS Records Severity: (CVSS3.1): 0.0 (Informational) Description: The issue occurs when specific DNS records such as DMARC, DKIM, SPF, DNSSEC, or CAA are not configured for a domain. This allows an attacker to abuse email systems for spoofing, phishing, or unauthorized issuance of TLS certificates, and could compromise the integrity of DNS responses. Exploitation requires the attacker to have access to send emails to external recipients or attempt unauthorized certificate issuance and additional effort planning, creating, executing the malicious attempt, making exploitation relatively difficult. An attacker can exploit this by sending spoofed emails that appear to originate from the domain, intercepting or spoofing DNS responses, or requesting certificates from Certificate Authorities without authorization. Successful exploitation could result in brand reputation damage, phishing attacks, or trust issues with users and partners. Risk:  Spoofed emails can bypass recipient email filters, leading to phishing or social engineering attacks.  Lack of DNSSEC may allow DNS cache poisoning or spoofing.  Unauthorized certificate issuance could allow man-in-the-middle attacks.  Failure to authenticate email sources may reduce email deliverability.