CVE Catalog

CVE-2026-40208

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Summary

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.

Risk Assessment

Delaying DoH3 query processing can degrade DNS service performance, impacting the availability and responsiveness of applications relying on name resolution.

Recommendation

It is recommended to update the software to the latest version that includes security fixes for this type of attack, and to monitor network traffic for suspicious DoH3 queries.

Original NVD description (English source)

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS