Vulnerability Details CVE-2026-33611
An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.8%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2026-33611
-
cpe:2.3:a:powerdns:authoritative:4.9.0
-
cpe:2.3:a:powerdns:authoritative:4.9.1
-
cpe:2.3:a:powerdns:authoritative:4.9.10
-
cpe:2.3:a:powerdns:authoritative:4.9.11
-
cpe:2.3:a:powerdns:authoritative:4.9.12
-
cpe:2.3:a:powerdns:authoritative:4.9.13
-
cpe:2.3:a:powerdns:authoritative:4.9.2
-
cpe:2.3:a:powerdns:authoritative:4.9.3
-
cpe:2.3:a:powerdns:authoritative:4.9.4
-
cpe:2.3:a:powerdns:authoritative:4.9.5
-
cpe:2.3:a:powerdns:authoritative:4.9.6
-
cpe:2.3:a:powerdns:authoritative:4.9.7
-
cpe:2.3:a:powerdns:authoritative:4.9.8
-
cpe:2.3:a:powerdns:authoritative:4.9.9
-
cpe:2.3:a:powerdns:authoritative:5.0.0
-
cpe:2.3:a:powerdns:authoritative:5.0.1
-
cpe:2.3:a:powerdns:authoritative:5.0.2
-
cpe:2.3:a:powerdns:authoritative:5.0.3