EUVD-2026-24941

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

CVE-2026-33599

CVE-2026-33599 describes a vulnerability in PowerDNS DNSdist where a rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request when triggered via the autoUpgrade (Lua) option to newServer or the auto_upgrade (YAML) setting. DDR upgrade is not enabled by default...