CVE-2026-45557

Summary

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0.

Affected Software

VendorProductVersion RangeStatus
TechnitiumDNS Server0 < 15.0affected
TechnitiumDNS Server15.0unaffected

Weaknesses

  • CWE-405: CWE-405 Asymmetric Resource Consumption (Amplification)
  • CWE-406: CWE-406 Insufficient Control of Network Message Volume (Network Amplification)
  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References