CVE-2026-42255
Received
Received - Intake
DNS Amplification via Cyclic Delegation in Technitium DNS Server
Publication date: 2026-04-26
Last updated on: 2026-04-29
Assigner: MITRE
Description
Description
Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| technitium | dnsserver | to 15.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-684 | The code does not function according to its published specifications, potentially leading to incorrect usage. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Technitium DNS Server versions before 15.0. It allows an attacker to exploit DNS traffic amplification through cyclic name server delegation.
How can this vulnerability impact me? :
The vulnerability can lead to DNS traffic amplification attacks, which may result in increased network traffic and potential denial of service conditions. The CVSS score indicates it can cause integrity and availability impacts without requiring privileges or user interaction.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70