VYPR
Medium severity5.3NVD Advisory· Published Apr 22, 2026· Updated Apr 27, 2026

CVE-2026-33258

CVE-2026-33258

Description

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.

Affected products

3
  • PowerDNS/Recursor3 versions
    cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*range: >=5.2.0,<5.2.9
    • cpe:2.3:a:powerdns:recursor:5.4.0:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.