CVE-2026-33599
A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via eith
A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DDR upgrade is not enabled by default.
LOW · CVSS 3.1
EPSS 3e-05
Monitor
- No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0
YARA rules0