CVE-2026-40209
- EPSS 0.4%
- Veröffentlicht 25.06.2026 12:23:05
- Zuletzt bearbeitet 25.06.2026 15:59:47
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the numbe...
CVE-2026-40208
- EPSS 0.29%
- Veröffentlicht 25.06.2026 12:22:42
- Zuletzt bearbeitet 25.06.2026 15:59:47
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
CVE-2026-40011
- EPSS 0.16%
- Veröffentlicht 25.06.2026 12:22:19
- Zuletzt bearbeitet 25.06.2026 16:00:30
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scra...
CVE-2026-42005
- EPSS 0.48%
- Veröffentlicht 25.06.2026 12:16:47
- Zuletzt bearbeitet 25.06.2026 16:00:30
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CVE-2026-42396
- EPSS 0.35%
- Veröffentlicht 21.05.2026 10:16:25
- Zuletzt bearbeitet 26.05.2026 19:19:42
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
CVE-2026-41999
- EPSS 0.14%
- Veröffentlicht 21.05.2026 10:16:25
- Zuletzt bearbeitet 26.05.2026 20:32:31
Incorrect Behaviour of Views with TCP PROXY Requests
CVE-2026-42000
- EPSS 0.24%
- Veröffentlicht 21.05.2026 10:16:25
- Zuletzt bearbeitet 26.05.2026 19:38:25
Insufficient Validation of Names During AXFR
CVE-2026-42001
- EPSS 0.37%
- Veröffentlicht 21.05.2026 10:16:25
- Zuletzt bearbeitet 26.05.2026 19:24:18
Insufficient Validation of Autoprimary SOA Queries
CVE-2026-42002
- EPSS 0.26%
- Veröffentlicht 21.05.2026 10:16:25
- Zuletzt bearbeitet 26.05.2026 19:23:42
Concurrency and locking defects in GSS-TSIG
CVE-2026-33611
- EPSS 0.42%
- Veröffentlicht 22.04.2026 14:16:55
- Zuletzt bearbeitet 12.05.2026 20:16:46
An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.