CVE-2026-33601

· NIST NVD ↗

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

MEDIUM
CVSS severity
4.4
CVSS base score
2026-04-22
Published

CWE codes

CWE-476

Affected products

powerdns:recursor

Sources