CVE-2026-33261

MEDIUM

Null pointer accces in aggressive NSEC(3) cache

Title source: cna

Description

A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.

References (1)

Scores

CVSS v3 5.9
EPSS 0.0002
EPSS Percentile 5.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-353
Status published
Products (3)
PowerDNS/Recursor 5.2.0 - 5.2.9
PowerDNS/Recursor 5.3.0 - 5.3.6
PowerDNS/Recursor 5.4.0 - 5.4.1
Published Apr 22, 2026
Tracked Since Apr 22, 2026