PowerDNS has released a critical update to address a high-severity vulnerability in its DNS proxy and load balancer, DNSdist, that could allow unauthenticated attackers to cause service disruptions through specially crafted TCP connections. The vulnerability, tracked as CVE-2025-30193 with a CVSS score of 7.5, affects all DNSdist versions before 1.9.10 released on May 20, 2025. The security flaw enables remote attackers to trigger a Denial-of-Service (DoS) condition by exploiting how DNSdist manages TCP connections.

‍