CVE-2026-36478
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk31th percentile — higher than 31% of all known CVEs
Summary
A vulnerability in Technitium DNS Server version 14.3 and earlier allows a remote attacker to cause a denial of service (DoS) via the DnsServerApp.exe, DnsServerApp.dll, and TechnitiumLibrary.Net/Dns/DnsClient.cs components.
Risk Assessment
An attacker can remotely render the DNS service unavailable, disrupting network operations and applications that rely on name resolution, leading to downtime and potential financial losses.
Recommendation
Immediately update Technitium DNS Server to a version later than 14.3 where this vulnerability is fixed. If an update is not possible, restrict access to the server from trusted networks only.
Original NVD description (English source)
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components

