Medium severity5.9NVD Advisory· Published Apr 22, 2026· Updated Apr 24, 2026

CVE-2026-33610

Description

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.

Affected products

PowerDNS/Authoritative
cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*
Range: >=4.9.0,<4.9.14

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.htmlnvdBroken LinkVendor Advisory

News mentions

Bypassing On-Camera Age-Verification Checks
Schneier on Security · May 15, 2026
How AI Hallucinations Are Creating Real Security Risks
The Hacker News · May 14, 2026
Zero Chaos: Scaling Detection Engineering at the Speed of Software, with Detection As Code
Rapid7 Blog · May 8, 2026
When DNSSEC goes wrong: how we responded to the .de TLD outage
Cloudflare Blog · May 6, 2026
One in four MCP servers opens AI agent security to code execution risk
Help Net Security · May 5, 2026
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
The Register Security · May 5, 2026
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
The Register Security · May 5, 2026
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
Dark Reading · May 4, 2026
Yet another experiment proves it's too damn simple to poison large language models
The Register Security · Apr 29, 2026
Redirects for AI Training enforces canonical content
Cloudflare Blog · Apr 17, 2026
AI Threat Landscape Digest January-February 2026
Check Point Research · Mar 29, 2026

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000