CVE-2026-33601

MEDIUM EPSS 39.7%

Published Apr 22, 20262mo ago · Modified Jun 17, 20261w ago

4.9 CVSS 3.1

Medium

Published Apr 22, 2026 2mo ago

Last Modified Jun 17, 2026 1w ago

Description

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

CVSS Details

Base Score

4.9

Exploitability

1.2

Impact

3.6

Vector string

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required High

User Interaction None

Scope Unchanged

Confidentiality None

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

39.7% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 3

Vendor	Product	Version	Range
powerdns	recursor	*	≥5.2.0 – <5.2.9
powerdns	recursor	*	≥5.3.0 – <5.3.6
powerdns	recursor	5.4.0	any

References 1

docs.powerdns.com https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

Broken LinkVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.