CVE-2026-40011 — LOW (3.7) — White Hats Nepal

Vulnerability Description

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.

CVSS Score

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Related Weaknesses (CWE)

CWE-116

References

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-0

FAQ

What is CVE-2026-40011?

CVE-2026-40011 is a vulnerability with a CVSS score of 3.7 (LOW). An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The pro...

How severe is CVE-2026-40011?

CVE-2026-40011 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-40011?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.