CVE-2026-33594

Description

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection.

References

• https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html