CVE-2026-35406
HIGH WAF: Medium
CVSS 7.5
Published: 2026-04-07
CWE-400
Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| containers | aardvark-dns | 1.16.0 - 1.17.1 |
References
- github.com (Patch)
- github.com (Release Notes)
- github.com (Patch, Vendor Advisory)