{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-40719", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-04-15T06:23:09.482Z", "datePublished": "2026-04-15T06:23:09.912Z", "dateUpdated": "2026-04-15T13:22:14.897Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "MaraDNS", "vendor": "MaraDNS", "versions": [{"status": "affected", "version": "3.5.0036", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-15T06:37:29.631Z"}, "references": [{"url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"}, {"url": "https://maradns.samiam.org/changelog.html"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"references": [{"url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T13:22:11.706344Z", "id": "CVE-2026-40719", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T13:22:14.897Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40719", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-15T13:22:11.706344Z"}}}], "references": [{"url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T13:22:06.113Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MaraDNS", "product": "MaraDNS", "versions": [{"status": "affected", "version": "3.5.0036", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"}, {"url": "https://maradns.samiam.org/changelog.html"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-15T06:37:29.631Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40719", "state": "PUBLISHED", "dateUpdated": "2026-04-15T13:22:14.897Z", "dateReserved": "2026-04-15T06:23:09.482Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-15T06:23:09.912Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved."}], "id": "CVE-2026-40719", "lastModified": "2026-04-17T15:38:09.243", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-04-15T07:16:11.193", "references": [{"source": "cve@mitre.org", "url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"}, {"source": "cve@mitre.org", "url": "https://maradns.samiam.org/changelog.html"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/samboy/MaraDNS/security/advisories/GHSA-cfc6-vhrv-62cj"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.5.0036"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "MaraDNS", "source": "cna", "vendor": "MaraDNS"}, "product": "maradns", "vendor": "maradns"}], "analysis": {"en": {"generated_at": "2026-04-15T08:21:08.102928+00:00", "value": {"mitigation_remediation": ["Upgrade MaraDNS to a version newer than 3.5.0036 that includes the fix referenced in the project changelog.", "If an upgrade is not immediately feasible, temporarily remove or disable any DNS zones that point to non\u2011resolvable authoritative nameservers to prevent deadwood exploitation.", "Implement network\u2011level rate limiting or firewall rules to constrain the rate of incoming DNS queries directed at the server, thereby mitigating the impact of connection slot exhaustion."], "summary": {"action": "Apply Patch", "impact": "Denial of Service through connection slot exhaustion"}, "threat_synthesis": {"affected_systems": "The vulnerability affects installations of MaraDNS 3.5.0036. Any derivative or older deployments that have not applied the subsequent fix listed in the changelog are also impacted.", "description_and_impact": "Deadwood in MaraDNS version 3.5.0036 enables attackers to send DNS queries that exhaust the server\u2019s connection slots when the zone references an authoritative nameserver that cannot be resolved. This resource\u2011exhaustion flaw leads to a denial of service, preventing legitimate clients from resolving queries. The weakness maps to CWE\u2011670, reflecting improper limiting of a resource or race condition in handling unresolved zones.", "risk_and_exploitability": "With a CVSS score of 7.5 the flaw is classified as high severity. No EPSS data is available, and the vulnerability is not currently listed in the CISA KEV catalog. The likely attack vector is remote DNS traffic; an attacker must have network reachability to the MaraDNS server and can trigger the condition by querying a zone whose authoritative nameserver address is unresolvable. The exploit consumes a limited pool of connection slots, ultimately degrading service availability for all clients."}}}}, "created": "2026-04-15T13:44:47.519732+00:00", "title": "Deadwood Exploit Causing Connection Slot Exhaustion in MaraDNS", "updated": "2026-04-15T13:49:14.867957+00:00", "vendors": ["maradns", "maradns$PRODUCT$maradns"]}