CVE-2026-33610: Possible file descriptor exhaustion in forward-dnsupdate
Published Apr 22, 2026
·Updated
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
Affected Software
3 affected components
PowerDNS PowerDNS Authoritative Server
PowerDNS Authoritative>=4.9.0<4.9.14
PowerDNS Authoritative>=5.0.0<5.0.4
Event History
Apr 22, 2026
CVE Published
via MITRE·02:00 PM
Data Sourced
via MITRE·02:00 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·02:16 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2026-33610?
CVE-2026-33610 is classified as a medium severity vulnerability.
2
How do I fix CVE-2026-33610?
To fix CVE-2026-33610, you should update your PowerDNS Authoritative Server to the latest version provided by PowerDNS.
3
What type of attack does CVE-2026-33610 facilitate?
CVE-2026-33610 facilitates a denial of service attack due to file descriptor exhaustion caused by rogue DNS update requests.
4
Which PowerDNS version is affected by CVE-2026-33610?
CVE-2026-33610 affects the PowerDNS Authoritative Server but specific vulnerable versions should be confirmed from the vendor's advisory.
5
Why is CVE-2026-33610 a concern for PowerDNS users?
CVE-2026-33610 is a concern for PowerDNS users as it can lead to service unavailability if exploited, impacting DNS resolution services.