Home

Description

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend.

PUBLISHED Reserved 2026-03-23 | Published 2026-04-22 | Updated 2026-04-22 | Assigner OX




LOW: 3.1CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

Integer Overflow or Wraparound

Product status

Default status
unaffected

1.9.0 (semver) before 1.9.13
affected

2.0.0 (semver) before 2.0.4
affected

Credits

ylwango613 finder

References

www.dnsdist.org/...owerdns-advisory-for-dnsdist-2026-04.html

cve.org (CVE-2026-33596)

nvd.nist.gov (CVE-2026-33596)

Download JSON