PowerDNS has issued an urgent security advisory for its DNSdist software, warning users of a critical vulnerability that could let attackers trigger denial-of-service (DoS) conditions by exploiting flawed DNS-over-HTTPS (DoH) exchanges.
The flaw, tracked as CVE-2025-30194 (CVSS score: 7.5), affects DNSdist versions 1.9.0 to 1.9.8 when configured to handle DoH traffic via the nghttp2 provider.
https://gbhackers.com/powerdns-dnsdist-vulnerability/