A vulnerability was found in c-ares 1.34.7/7.5. It has been rated as critical. This affects the function ares_getaddrinfo. This manipulation causes use after free.

This vulnerability is tracked as CVE-2026-33630. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.