CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AlpineLinux•added 2026/04/22 1:48 p.m.•1 views

CVE-2026-33594

7.5CVSS6AI score0.00005EPSS

Cvelist•added 2026/04/22 1:48 p.m.•22 views

CVE-2026-33594 Outgoing DoH excessive memory allocation

5.3CVSS0.00005EPSS

Cvelist•added 2026/04/22 1:47 p.m.•23 views

CVE-2026-33595 DoQ/DoH3 excessive memory allocation

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

5.3CVSS0.00005EPSS

AlpineLinux•added 2026/04/22 1:47 p.m.•1 views

CVE-2026-33595

CVE•added 2026/04/22 1:47 p.m.•7 views

CVE-2026-33595

The connected documents independently confirm CVE-2026-33595 affects PowerDNS DNSdist, describing a flaw where a client can trigger excessive memory allocation by generating many error responses over a single DoQ/DoH3 connection, with resources not released until connection end. This is the state...

Exploits0References1Affected Software1

Cvelist•added 2026/04/22 1:45 p.m.•23 views

CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

5.3CVSS0.00005EPSS

Vulnrichment•added 2026/04/22 1:45 p.m.•3 views

CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

5.3CVSS5.8AI score0.00005EPSS

AlpineLinux•added 2026/04/22 1:45 p.m.•0 views

CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS5.7AI score0.00005EPSS

CVE•added 2026/04/22 1:45 p.m.•8 views

CVE-2026-33254

CVE-2026-33254 affects PowerDNS DNSdist. An attacker can open a large number of concurrent DoQ/DoH3 connections, causing unbounded memory allocation and denial of service. DoQ/DoH3 are disabled by default, which mitigates impact per the sources; no patch/version details are provided in the docume...

Exploits0References1Affected Software1

Debian CVE•added 2026/04/22 1:45 p.m.•2 views

CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS5.4AI score0.00005EPSS

Positive Technologies•added 2026/04/22 12:0 a.m.•2 views

PT-2026-34436

Name of the Vulnerable Software and Affected Versions DNSdist affected versions not specified Description An attacker can create a large number of concurrent DoQ DNS over QUIC or DoH3 DNS over HTTP/3 connections, causing unlimited memory allocation and leading to a denial of service. DoQ and DoH3...

7.5CVSS5.2AI score0.00009EPSS

Exploits0References16

Tenable Nessus•added 2026/04/22 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-33594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into...

7.5CVSS6AI score0.00005EPSS

Exploits0References3

CNNVD•added 2026/04/22 12:0 a.m.•6 views

PowerDNS DNSdist 安全漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS that offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the ability of clients to trigger excessive memory allocation by generating numerous error...