CVE-2026-33599
CVE-2026-33599 describes a vulnerability in PowerDNS DNSdist where a rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request when triggered via the autoUpgrade (Lua) option to newServer or the auto_upgrade (YAML) setting. DDR upgrade is not enabled by default...