CVE-2026-33596

Description

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend.

References

• https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html