CVE-2026-33611

MEDIUM CVSS 6.5 View on NVD ↗

Description

An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

References

https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html

Published: Apr 22, 2026 14:16 UTC Modified: Apr 22, 2026 21:23 UTC