Latest vulnerabilities for "isc bind 9"

ISC BINDUnbounded resend loop in BIND 9 resolver

Risk 29

Severity

5.3

Trending

Week

First published (updated )

CVE-2026-5950

ISC BINDSIG(0) validation during query flood may lead to undefined behavior

Risk 46

Severity

7.5

Trending

Week

First published (updated )

CVE-2026-5947

ISC BINDInvalid handling of CLASS != IN

Risk 46

Severity

7.5

Trending

Week

First published (updated )

CVE-2026-5946

ISC BINDHeap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

Risk 91

Severity

9.8

Trending

Week

First published (updated )

CVE-2026-3593

ISC BINDAmplification vulnerabilities via self-pointed glue records

Risk 28

Severity

5.3

First published (updated )

CVE-2026-3592

ISC BINDBIND 9 server memory exhaustion during GSS-API TKEY negotiation

Risk 46

Severity

7.5

Trending

Week

First published (updated )

CVE-2026-3039

ISC BIND 9If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the re…

Risk 33

Severity

7

First published (updated )

REDHAT-BUG-2451305

ISC BINDA stack use-after-return flaw in SIG(0) handling code may enable ACL bypass

Risk 26

Severity

5.4

EPSS

0.02%

First published (updated )

CVE-2026-3591

ISC BINDAuthenticated query containing a TKEY record may cause named to terminate unexpectedly

Risk 40

Severity

6.5

First published (updated )

CVE-2026-3119

ISC BINDMemory leak in code preparing DNSSEC proofs of non-existence

Risk 46

Severity

7.5

First published (updated )

CVE-2026-3104

ISC BINDExcessive NSEC3 iterations cause high CPU load during insecure delegation validation

Risk 46

Severity

7.5

First published (updated )

CVE-2026-1519

ISC BIND 9Malformed BRID/HHIT records can cause named to terminate unexpectedly

Risk 46

Severity

7.5

First published (updated )

CVE-2025-13878

Microsoft cbl2 bind 9.16.50-2Resource exhaustion via malformed DNSKEY handling

Risk 46

Severity

7.5

First published (updated )

CVE-2025-8677

F5 BIG-IP DNSCache poisoning due to weak PRNG

Risk 53

Severity

8.6

First published (updated )

CVE-2025-40780

ISC BINDDescription: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by fl…

Risk 33

Severity

7

First published (updated )

REDHAT-BUG-2342880

ISC BIND 9Client queries that trigger serving stale data and that also require lookups in local authoritative …

Risk 33

Severity

7

First published (updated )

REDHAT-BUG-2298904

ISC BINDCleaning an ECS-enabled cache may cause excessive CPU load

Risk 19

Severity

5.3

EPSS

0.09%

First published (updated )

CVE-2023-5680

Microsoft Windows Server 2012Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

Risk 49

Severity

7.5

First published (updated )

CVE-2023-50387

ISC BINDSpecific recursive query patterns may lead to an out-of-memory condition

Risk 46

Severity

7.5

First published (updated )

CVE-2023-6516

ISC BINDEnabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

Risk 32

Severity

7.5

EPSS

0.12%

First published (updated )

CVE-2023-5679

ISC BINDQuerying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

Risk 32

Severity

7.5

EPSS

0.09%

First published (updated )

CVE-2023-5517

ISC BINDParsing large DNS messages may cause excessive CPU load

Risk 46

Severity

7.5

First published (updated )

CVE-2023-4408

ubuntu/bind9named may terminate unexpectedly under high DNS-over-TLS query load

Risk 46

Severity

7.5

First published (updated )

CVE-2023-4236

ISC BINDMalformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled

Risk 43

Severity

7.5

First published (updated )

CVE-2023-2829

ubuntu/bind9Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

Risk 45

Severity

7.5

First published (updated )

CVE-2023-2911

ubuntu/bind9named's configured cache size limit can be significantly exceeded

Risk 46

Severity

7.5

First published (updated )

CVE-2023-2828

ISC BINDnamed may terminate unexpectedly when processing ECS options in repeated responses to iterative queries

Risk 43

Severity

7.5

First published (updated )

CVE-2022-3488

ISC BINDnamed configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

Risk 45

Severity

7.5

First published (updated )

CVE-2022-3924

ISC BINDnamed configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries

Risk 45

Severity

7.5

First published (updated )

CVE-2022-3736

ISC BINDAn UPDATE message flood may cause named to exhaust all available memory

Risk 45

Severity

7.5

First published (updated )

CVE-2022-3094

Trending

Versions

ISC BINDUnbounded resend loop in BIND 9 resolver

ISC BINDSIG(0) validation during query flood may lead to undefined behavior

ISC BINDInvalid handling of CLASS != IN

ISC BINDHeap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

ISC BINDAmplification vulnerabilities via self-pointed glue records

Don't miss critical vulnerabilities

ISC BINDBIND 9 server memory exhaustion during GSS-API TKEY negotiation

ISC BIND 9If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the re…

ISC BINDA stack use-after-return flaw in SIG(0) handling code may enable ACL bypass

ISC BINDAuthenticated query containing a TKEY record may cause named to terminate unexpectedly

ISC BINDMemory leak in code preparing DNSSEC proofs of non-existence

Don't miss critical vulnerabilities

ISC BINDExcessive NSEC3 iterations cause high CPU load during insecure delegation validation

ISC BIND 9Malformed BRID/HHIT records can cause named to terminate unexpectedly

Microsoft cbl2 bind 9.16.50-2Resource exhaustion via malformed DNSKEY handling

F5 BIG-IP DNSCache poisoning due to weak PRNG

ISC BINDDescription: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by fl…

Don't miss critical vulnerabilities

ISC BIND 9Client queries that trigger serving stale data and that also require lookups in local authoritative …

ISC BINDCleaning an ECS-enabled cache may cause excessive CPU load

Microsoft Windows Server 2012Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities

ISC BINDSpecific recursive query patterns may lead to an out-of-memory condition

ISC BINDEnabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

Don't miss critical vulnerabilities

ISC BINDQuerying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

ISC BINDParsing large DNS messages may cause excessive CPU load

ubuntu/bind9named may terminate unexpectedly under high DNS-over-TLS query load

ISC BINDMalformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled

ubuntu/bind9Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

Don't miss critical vulnerabilities

ubuntu/bind9named's configured cache size limit can be significantly exceeded

ISC BINDnamed may terminate unexpectedly when processing ECS options in repeated responses to iterative queries

ISC BINDnamed configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

ISC BINDnamed configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries

ISC BINDAn UPDATE message flood may cause named to exhaust all available memory

Don't miss critical vulnerabilities

Company

Resources

Contact