Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

PowerDNS

Source -

CNA

BOS Name -

N/A

CNA CVEs -

72

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
72Vulnerabilities found

CVE-2026-42389
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 7.18%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 13:16
Updated-25 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reject more queries with invalid header values

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-20
Improper Input Validation
CVE-2026-52690
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.35% / 27.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 13:01
Updated-25 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Spoofed answers can mark an authoritative non-EDNS capable

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2026-42390
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 11.58%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 13:01
Updated-25 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZONEMD validation can be bypassed

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-20
Improper Input Validation
CVE-2026-42388
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.40% / 32.36%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:59
Updated-25 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing input validation for catalog zones

Incomplete validation of the SOA record present in a catalog zone might lead to a crash.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-20
Improper Input Validation
CVE-2026-42387
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.40% / 32.36%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:59
Updated-25 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation in ZoneToCache

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-20
Improper Input Validation
CVE-2026-40012
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 22.54%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:58
Updated-25 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information about ECS zero scoped answers might leak to clients that use a specific ECS

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-524
Use of Cache Containing Sensitive Information
CVE-2026-33612
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-7.5||HIGH
EPSS-0.12% / 2.13%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:58
Updated-25 Jun, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZoneToCache can poison the cache

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.

Action-Not Available
Vendor-PowerDNS
Product-Recursor
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2026-42004
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.7||LOW
EPSS-0.16% / 5.77%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:24
Updated-25 Jun, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EDNS options smuggling

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-115
Misinterpretation of Input
CVE-2026-40211
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.41% / 33.49%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:23
Updated-25 Jun, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service via crafted DoH3 queries

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-40210
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.8||MEDIUM
EPSS-0.34% / 25.80%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:23
Updated-25 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in SetMacAddrAction

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-126
Buffer Over-read
CVE-2026-40209
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 32.76%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:23
Updated-25 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service via IXFR queries

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2026-40208
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.7||LOW
EPSS-0.29% / 20.49%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:22
Updated-25 Jun, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service via DoH3 queries

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-705
Incorrect Control Flow Scoping
CVE-2026-40011
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.7||LOW
EPSS-0.16% / 5.42%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 12:22
Updated-25 Jun, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prometheus denial of service via crafted DNS queries

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.

Action-Not Available
Vendor-PowerDNS
Product-DNSdist
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2026-42005
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 38.24%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 11:57
Updated-25 Jun, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation of internal web server

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Action-Not Available
Vendor-PowerDNS
Product-Authoritative
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-41999
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.8||MEDIUM
EPSS-0.14% / 3.93%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 09:27
Updated-21 May, 2026 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Behaviour of Views with TCP PROXY Requests

Incorrect Behaviour of Views with TCP PROXY Requests

Action-Not Available
Vendor-PowerDNS
Product-Authoritative
CWE ID-CWE-284
Improper Access Control
CVE-2026-42002
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.26% / 17.95%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 09:27
Updated-21 May, 2026 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Concurrency and locking defects in GSS-TSIG

Concurrency and locking defects in GSS-TSIG

Action-Not Available
Vendor-PowerDNS
Product-Authoritative
CWE ID-CWE-364
Signal Handler Race Condition
CVE-2026-42001
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-7.5||HIGH
EPSS-0.36% / 28.80%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 09:26
Updated-21 May, 2026 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient Validation of Autoprimary SOA Queries

Insufficient Validation of Autoprimary SOA Queries

Action-Not Available
Vendor-PowerDNS
Product-Authoritative
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-42000
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 15.26%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 09:25
Updated-21 May, 2026 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient Validation of Names During AXFR

Insufficient Validation of Names During AXFR

Action-Not Available
Vendor-PowerDNS
Product-Authoritative
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2026-42396
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.9||MEDIUM
EPSS-0.35% / 27.60%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 09:25
Updated-26 May, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativeAuthoritative
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-33611
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-6.5||MEDIUM
EPSS-0.42% / 34.39%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 14:01
Updated-12 May, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient validation of HTTPS and SVCB records

An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativeAuthoritative
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-33610
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.39% / 31.58%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 14:00
Updated-24 Apr, 2026 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Possible file descriptor exhaustion in forward-dnsupdate

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativeAuthoritative
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-33609
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 15.36%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 14:00
Updated-24 Apr, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LDAP DN injection

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativeAuthoritative
CWE ID-CWE-90
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CVE-2026-33608
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-7.4||HIGH
EPSS-0.38% / 30.53%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 14:00
Updated-24 Apr, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete domain name sanitization during

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativeAuthoritative
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-33593
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.39%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:48
Updated-24 Apr, 2026 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of service via crafted DNSCrypt query

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-369
Divide By Zero
CVE-2026-33594
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 29.39%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:48
Updated-24 Apr, 2026 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Outgoing DoH excessive memory allocation

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33595
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 29.39%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:47
Updated-24 Apr, 2026 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoQ/DoH3 excessive memory allocation

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33597
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.7||LOW
EPSS-0.35% / 27.03%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:47
Updated-24 Apr, 2026 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PRSD detection denial of service

PRSD detection denial of service

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2026-33596
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.1||LOW
EPSS-0.17% / 6.58%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:47
Updated-24 Apr, 2026 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TCP backend stream ID overflow

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-33598
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.8||MEDIUM
EPSS-1.07% / 61.18%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:46
Updated-24 Apr, 2026 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in cache inspection via Lua

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-33599
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.1||LOW
EPSS-0.28% / 20.26%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:46
Updated-24 Apr, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in service discovery

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DDR upgrade is not enabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-33602
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-6.5||MEDIUM
EPSS-0.73% / 50.19%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:45
Updated-24 Apr, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Off-by-one access when processing crafted UDP responses

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-33254
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 29.39%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 13:45
Updated-27 Apr, 2026 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Resource exhaustion via DoQ/DoH3 connections

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33262
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.42% / 33.96%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:40
Updated-27 Apr, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient validation of cookie reply

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-33261
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.23% / 13.57%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:40
Updated-27 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer accces in aggressive NSEC(3) cache

A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-353
Missing Support for Integrity Check
CVE-2026-33260
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.52% / 40.96%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:39
Updated-27 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativednsdistrecursorRecursorDNSdistAuthoritative
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33259
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5||MEDIUM
EPSS-0.22% / 13.07%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:38
Updated-27 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Concurrent modification of RPZ data can lead to denial of servce

Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-416
Use After Free
CVE-2026-33258
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.58% / 44.00%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:38
Updated-27 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crafted zones can cause increased resource usage

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33257
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 40.33%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:37
Updated-27 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-authoritativednsdistrecursorRecursorDNSdistAuthoritative
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33256
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.61% / 45.04%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:37
Updated-27 Apr, 2026 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded memory allocation by internal web server

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-33601
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.4||MEDIUM
EPSS-0.51% / 40.26%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:37
Updated-27 Apr, 2026 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient validation of zonemd record

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-33600
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.4||MEDIUM
EPSS-0.52% / 40.88%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 09:33
Updated-27 Apr, 2026 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null pointer dereference in RPZ transfer

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-27854
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-4.8||MEDIUM
EPSS-0.47% / 37.74%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 12:06
Updated-14 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use after free when parsing EDNS options in Lua

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a use-after-free and potentially a crash resulting in denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-416
Use After Free
CVE-2026-27853
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.9||MEDIUM
EPSS-0.49% / 38.89%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 12:04
Updated-14 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds write when rewriting large DNS packets

An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-24030
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-0.54% / 41.62%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 12:01
Updated-14 Apr, 2026 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded memory allocation for DoQ and DoH3

An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-24029
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 4.48%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 11:59
Updated-14 Apr, 2026 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DNS over HTTPS ACL bypass

When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-24028
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-5.3||MEDIUM
EPSS-1.03% / 59.79%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 11:57
Updated-14 Apr, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read when parsing DNS packets via Lua

An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential information disclosure.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-126
Buffer Over-read
CVE-2026-0397
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.1||LOW
EPSS-0.16% / 5.64%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 11:53
Updated-14 Apr, 2026 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information disclosure via CORS misconfiguration

When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration of the Cross-Origin Resource Sharing (CORS) policy.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CVE-2026-0396
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-3.1||LOW
EPSS-0.14% / 3.43%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 11:50
Updated-13 Apr, 2026 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTML injection in the web dashboard

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-dnsdistDNSdist
CWE ID-CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CVE-2025-59024
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 2.32%
||
7 Day CHG~0.00%
Published-09 Feb, 2026 | 14:44
Updated-20 Apr, 2026 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2025-59023
Assigner-Open-Xchange
ShareView Details
Assigner-Open-Xchange
CVSS Score-8.2||HIGH
EPSS-0.27% / 18.44%
||
7 Day CHG~0.00%
Published-09 Feb, 2026 | 14:44
Updated-20 Apr, 2026 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor.

Action-Not Available
Vendor-powerdnsPowerDNS
Product-recursorRecursor
CWE ID-CWE-294
Authentication Bypass by Capture-replay
  • Previous
  • 1
  • 2
  • Next