Home

Description

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.

PUBLISHED Reserved 2026-03-18 | Published 2026-04-22 | Updated 2026-04-22 | Assigner OX




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

Allocation of Resources Without Limits or Throttling

Product status

Default status
unaffected

5.4.0 (semver) before 5.4.1
affected

5.3.0 (semver) before 5.3.6
affected

5.2.0 (semver) before 5.2.9
affected

Credits

Haruto Kimura (Stella) finder

References

docs.powerdns.com/...powerdns-advisory-powerdns-2026-03.html

cve.org (CVE-2026-33258)

nvd.nist.gov (CVE-2026-33258)

Download JSON