CVE-2026-33259

Concurrent modification of RPZ data can lead to denial of servce

Description

Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.

INFO

Published Date :

2026-04-22T09:38:51.991Z

Last Modified :

2026-04-22T09:38:51.991Z

Source :

OX

AFFECTED PRODUCTS

The following products are affected by CVE-2026-33259 vulnerability.

Vendors	Products
Powerdns	Recursor

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-33259.

URL	Resource
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact