CVE-2026-40209
Denial of service via IXFR queries
Description
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or if the process runs out of file descriptors.
INFO
Published Date :
June 25, 2026, 12:23 p.m.
Last Modified :
June 25, 2026, 12:23 p.m.
Remotely Exploit :
Yes !
Source :
OX
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.1 | MEDIUM | 8ce71d90-2354-404b-a86e-bec2cc4e6981 | ||||
| CVSS 3.1 | MEDIUM | [email protected] |
Solution
- Apply security patches provided by the vendor.
- Update DNS server software to the latest version.
- Monitor for IXFR query abuse.
- Configure connection limits.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-40209 vulnerability anywhere in the article.