CVE-2026-45557

MEDIUM

Technitium DNS Server excessive DNSSEC requests

Title source: cna

Description

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0.

References (3)

Core 3

Core References

Patch patch

url

https://github.com/TechnitiumSoftware/DnsServer/blo/master/CHANGELOG.md#version-150

View Patch ZIP pw:eip

url

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-138-02.json

url

https://www.cve.org/CVERecord?id=CVE-2026-45557

Scores

CVSS v3 5.8

EPSS 0.0039

EPSS Percentile 30.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-405 CWE-406 CWE-770

Status published

Products (2)

Technitium/DNS Server < 15.0

Technitium/DNS Server 15.0

Published May 19, 2026

Tracked Since May 19, 2026