CVE-2026-33594

Summary

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection.

Affected Software

VendorProductVersion RangeStatus
PowerDNSDNSdist1.9.0 < 1.9.13affected
PowerDNSDNSdist2.0.0 < 2.0.4affected

Weaknesses

  • Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References