CVE-2026-33260

· NIST NVD ↗

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

MEDIUM
CVSS severity
5.3
CVSS base score
2026-04-22
Published

CWE codes

CWE-770

Affected products

powerdns:authoritativepowerdns:dnsdistpowerdns:recursor

Sources