CVE Catalog

CVE-2026-36478

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

31th percentile — higher than 31% of all known CVEs

Summary

A vulnerability in Technitium DNS Server version 14.3 and earlier allows a remote attacker to cause a denial of service (DoS) via the DnsServerApp.exe, DnsServerApp.dll, and TechnitiumLibrary.Net/Dns/DnsClient.cs components.

Risk Assessment

An attacker can remotely render the DNS service unavailable, disrupting network operations and applications that rely on name resolution, leading to downtime and potential financial losses.

Recommendation

Immediately update Technitium DNS Server to a version later than 14.3 where this vulnerability is fixed. If an update is not possible, restrict access to the server from trusted networks only.

Original NVD description (English source)

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components

Vulnerability data from NVD (NIST) · CISA KEV · EPSS