CVE-2026-33610
HIGH WAF: Medium
CVSS 7.5
Published: 2026-04-22
CWE-400
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| powerdns | authoritative | 4.9.0 - 4.9.14 |
| powerdns | authoritative | 5.0.0 - 5.0.4 |
References
- docs.powerdns.com (Broken Link, Vendor Advisory)