CVE-2026-33602
Received Received - Intake
Out-of-Bounds Write in UDP Handling Causes Denial of Service

Publication date: 2026-04-22

Last updated on: 2026-04-24

Assigner: Open-Xchange

Description
A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-22
Last Modified
2026-04-24
Generated
2026-06-16
AI Q&A
2026-04-22
EPSS Evaluated
2026-06-14
NVD
CVE-2026-33602
EUVD
EUVD-2026-24943
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
powerdns dnsdist From 1.9.0 (inc) to 1.9.13 (exc)
powerdns dnsdist From 2.0.0 (inc) to 2.0.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs when a rogue backend sends a specially crafted UDP response with a query ID that is off by one from the maximum configured value. This causes an out-of-bounds write in the system.

The out-of-bounds write can lead to a denial of service condition.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) attack.

An attacker exploiting this vulnerability can cause the affected system to crash or become unavailable by triggering an out-of-bounds write.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33602. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart