CVE-2026-33610
Received
Received - Intake
File Descriptor Exhaustion in PowerDNS Secondary Causes DoS
Publication date: 2026-04-22
Last updated on: 2026-04-24
Assigner: Open-Xchange
Description
Description
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| powerdns | authoritative | From 4.9.0 (inc) to 4.9.14 (exc) |
| powerdns | authoritative | From 5.0.0 (inc) to 5.0.4 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a rogue primary server causes file descriptor exhaustion on a PowerDNS secondary server. This happens because the secondary server forwards a DNS update request to the rogue primary server, which leads to resource exhaustion.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service (DoS) condition. The exhaustion of file descriptors on the PowerDNS secondary server can prevent it from functioning properly, potentially disrupting DNS services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70