CVE-2026-33258
- EPSS 0.58%
- Veröffentlicht 22.04.2026 10:16:51
- Zuletzt bearbeitet 27.04.2026 17:03:45
By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.
- EPSS 0.23%
- Veröffentlicht 22.04.2026 10:16:51
- Zuletzt bearbeitet 27.04.2026 17:03:35
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.
CVE-2026-33261
- EPSS 0.23%
- Veröffentlicht 22.04.2026 10:16:51
- Zuletzt bearbeitet 27.04.2026 17:03:09
A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.
CVE-2026-33262
- EPSS 0.42%
- Veröffentlicht 22.04.2026 10:16:51
- Zuletzt bearbeitet 27.04.2026 17:02:49
An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.
CVE-2026-33260
- EPSS 0.52%
- Veröffentlicht 22.04.2026 10:16:51
- Zuletzt bearbeitet 27.04.2026 17:03:22
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CVE-2026-33600
- EPSS 0.52%
- Veröffentlicht 22.04.2026 09:33:12
- Zuletzt bearbeitet 27.04.2026 16:59:23
An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
CVE-2025-59024
- EPSS 0.12%
- Veröffentlicht 09.02.2026 14:44:28
- Zuletzt bearbeitet 20.04.2026 15:11:15
Crafted delegations or IP fragments can poison cached delegations in Recursor.
CVE-2025-59023
- EPSS 0.27%
- Veröffentlicht 09.02.2026 14:44:19
- Zuletzt bearbeitet 20.04.2026 15:11:13
Crafted delegations or IP fragments can poison cached delegations in Recursor.
CVE-2026-24027
- EPSS 0.4%
- Veröffentlicht 09.02.2026 14:25:24
- Zuletzt bearbeitet 20.04.2026 14:55:39
Crafted zones can lead to increased incoming network traffic.
CVE-2026-0398
- EPSS 0.41%
- Veröffentlicht 09.02.2026 14:20:46
- Zuletzt bearbeitet 20.04.2026 14:55:46
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.