Sign in Get started

← All advisories

Medium severity5.3NVD Advisory· Published Apr 22, 2026· Updated Apr 27, 2026

CVE-2026-33258

CVE-2026-33258

Description

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.

Affected products

2

PowerDNS/Recursor2 versions
cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*range: >=5.2.0,<5.2.9
- cpe:2.3:a:powerdns:recursor:5.4.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.htmlnvdVendor AdvisoryBroken Link

News mentions

0

No linked articles in our index yet.