
    661 vulnerabilities by ISC

    CERTFR-2026-AVI-0626

    Vulnerability from certfr_avis - Published: 2026-05-21 - Updated: 2026-05-21

    Multiple vulnerabilities have been discovered in ISC BIND. They allow an attacker to cause a remote denial of service and a security problem not specified by the vendor.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor Product Description
    ISC BIND Bind versions 9.20.x prior to 9.20.23
    ISC BIND Bind versions 9.x prior to 9.18.49
    ISC BIND BIND Supported Preview Edition versions prior to 9.18.49-S1
    ISC BIND Bind versions 9.21.x prior to 9.21.22
    ISC BIND BIND Supported Preview Edition versions 9.20.x prior to 9.20.23-S1
    References


    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Bind versions 9.20.x ant\u00e9rieures \u00e0 9.20.23",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "Bind versions 9.x ant\u00e9rieures \u00e0 9.18.49",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions ant\u00e9rieures \u00e0 9.18.49-S1",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "Bind versions 9.21.x ant\u00e9rieures \u00e0 9.21.22",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions 9.20.x ant\u00e9rieures \u00e0 9.20.23-S1",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-5947",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-5947"
        },
        {
          "name": "CVE-2026-5950",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-5950"
        },
        {
          "name": "CVE-2026-5946",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-5946"
        }
      ],
      "initial_release_date": "2026-05-21T00:00:00",
      "last_revision_date": "2026-05-21T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0626",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-05-21T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ISC BIND. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
      "vendor_advisories": [
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-5950",
          "url": "https://kb.isc.org/v1/docs/cve-2026-5950"
        },
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-5947",
          "url": "https://kb.isc.org/v1/docs/cve-2026-5947"
        },
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-5946",
          "url": "https://kb.isc.org/v1/docs/cve-2026-5946"
        }
      ]
    }

    CERTFR-2026-AVI-0618

    Vulnerability from certfr_avis - Published: 2026-05-20 - Updated: 2026-05-20

    Multiple vulnerabilities have been discovered in ISC BIND. They allow an attacker to cause a remote denial of service and a security problem not specified by the vendor.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor Product Description
    ISC BIND Bind versions 9.20.x prior to 9.20.23
    ISC BIND Bind versions 9.x prior to 9.18.49
    ISC BIND BIND Supported Preview Edition versions prior to 9.18.49-S1
    ISC BIND Bind versions 9.21.x prior to 9.21.22
    ISC BIND BIND Supported Preview Edition versions 9.20.x prior to 9.20.23-S1
    References


    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Bind versions 9.20.x ant\u00e9rieures \u00e0 9.20.23",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "Bind versions 9.x ant\u00e9rieures \u00e0 9.18.49",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions ant\u00e9rieures \u00e0 9.18.49-S1",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "Bind versions 9.21.x ant\u00e9rieures \u00e0 9.21.22",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions 9.20.x ant\u00e9rieures \u00e0 9.20.23-S1",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-3593",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3593"
        },
        {
          "name": "CVE-2026-3592",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3592"
        },
        {
          "name": "CVE-2026-3039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3039"
        }
      ],
      "initial_release_date": "2026-05-20T00:00:00",
      "last_revision_date": "2026-05-20T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0618",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-05-20T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ISC BIND. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
      "vendor_advisories": [
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3592",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3592"
        },
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3593",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3593"
        },
        {
          "published_at": "2026-05-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3039",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3039"
        }
      ]
    }

    CERTFR-2026-AVI-0360

    Vulnerability from certfr_avis - Published: 2026-03-26 - Updated: 2026-03-26

    Multiple vulnerabilities have been discovered in ISC BIND. They allow an attacker to cause a remote denial of service, a breach of data confidentiality and a security policy bypass.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor Product Description
    ISC BIND BIND versions 9.20.x prior to 9.20.21
    ISC BIND Supported Preview Edition BIND Supported Preview Edition versions prior to 9.18.47-S1
    ISC BIND BIND versions 9.21.x prior to 9.21.20
    ISC BIND Supported Preview Edition BIND Supported Preview Edition versions 9.20.x prior to 9.20.21-S1
    ISC BIND BIND versions prior to 9.18.47
    References


    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "BIND versions 9.20.x ant\u00e9rieures \u00e0 9.20.21",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions ant\u00e9rieures \u00e0 9.18.47-S1",
          "product": {
            "name": "BIND Supported Preview Edition",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND versions 9.21.x ant\u00e9rieures \u00e0 9.21.20",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND Supported Preview Edition versions 9.20.x ant\u00e9rieures \u00e0 9.20.21-S1",
          "product": {
            "name": "BIND Supported Preview Edition",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "BIND versions ant\u00e9rieures \u00e0 9.18.47",
          "product": {
            "name": "BIND",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-3119",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3119"
        },
        {
          "name": "CVE-2026-3104",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3104"
        },
        {
          "name": "CVE-2026-1519",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
        },
        {
          "name": "CVE-2026-3591",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3591"
        }
      ],
      "initial_release_date": "2026-03-26T00:00:00",
      "last_revision_date": "2026-03-26T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0360",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-26T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ISC BIND. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
      "vendor_advisories": [
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3119",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3119"
        },
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-1519",
          "url": "https://kb.isc.org/v1/docs/cve-2026-1519"
        },
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3104",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3104"
        },
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3591",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3591"
        }
      ]
    }

    CERTFR-2026-AVI-0356

    Vulnerability from certfr_avis - Published: 2026-03-25 - Updated: 2026-03-25

    A vulnerability has been discovered in ISC Kea. It allows an attacker to cause a remote denial of service.

    Solutions

    Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).

    Impacted products
    Vendor Product Description
    ISC Kea DHCP Kea versions 3.0.x prior to 3.0.3
    ISC Kea DHCP Kea versions 2.6.x prior to 2.6.5
    References


    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Kea versions 3.0.x ant\u00e9rieures \u00e0 3.0.3",
          "product": {
            "name": "Kea DHCP",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        },
        {
          "description": "Kea versions 2.6.x ant\u00e9rieures \u00e0 2.6.5",
          "product": {
            "name": "Kea DHCP",
            "vendor": {
              "name": "ISC",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-3608",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3608"
        }
      ],
      "initial_release_date": "2026-03-25T00:00:00",
      "last_revision_date": "2026-03-25T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0356",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ISC Kea. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
      "title": "Vuln\u00e9rabilit\u00e9 dans ISC Kea",
      "vendor_advisories": [
        {
          "published_at": "2026-03-25",
          "title": "Bulletin de s\u00e9curit\u00e9 ISC BIND cve-2026-3608",
          "url": "https://kb.isc.org/v1/docs/cve-2026-3608"
        }
      ]
    }

    CVE-2026-5950 (GCVE-0-2026-5950)

    Vulnerability from nvd – Published: 2026-05-20 13:10 – Updated: 2026-05-20 13:38
    Title
    Unbounded resend loop in BIND 9 resolver
    Summary
    An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.18.36 , ≤ 9.18.48 (custom)
    Affected: 9.20.8 , ≤ 9.20.22 (custom)
    Affected: 9.21.7 , ≤ 9.21.21 (custom)
    Affected: 9.18.36-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Billy Baraja (BielraX) for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5950",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:38:40.421994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:38:53.211Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.36",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.8",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.7",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.36-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.36",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.36-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Billy Baraja (BielraX) for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions.\nThis issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Severe resource exhaustion."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked Input for Loop Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:19.989Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5950",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5950"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unbounded resend loop in BIND 9 resolver",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5950",
        "datePublished": "2026-05-20T13:10:19.989Z",
        "dateReserved": "2026-04-09T06:42:23.953Z",
        "dateUpdated": "2026-05-20T13:38:53.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5947 (GCVE-0-2026-5947)

    Vulnerability from nvd – Published: 2026-05-20 13:10 – Updated: 2026-06-30 12:11
    Title
    SIG(0) validation during query flood may lead to undefined behavior
    Summary
    Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
    • CWE-416 - Use After Free
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Unaffected: 9.18.28 , ≤ 9.18.49 (custom)
    Unaffected: 9.18.28-S1 , ≤ 9.18.49-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:39:15.454199Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:39:38.654Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:15:50.513Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker could exploit a race condition during SIG(0) signature validation of an incoming DNS message. If the \"recursive-clients\" limit is reached and the message is discarded, a use-after-free vulnerability may occur. This could lead to undefined behavior and potentially result in a denial of service."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-367",
                    "description": "Time-of-check Time-of-use (TOCTOU) Race Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:11.730Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5947"
              },
              {
                "name": "RHBZ#2479772",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479772"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5947.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7412"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:7412: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:59:51.277Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:15:50.513Z",
                "value": "Made public."
              }
            ],
            "title": "bind: SIG(0) validation during query flood may lead to undefined behavior",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.49",
                  "status": "unaffected",
                  "version": "9.18.28",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.49-S1",
                  "status": "unaffected",
                  "version": "9.18.28-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.49",
                      "versionStartIncluding": "9.18.28",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.49-S1",
                      "versionStartIncluding": "9.18.28-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "The use of memory after it is freed is undefined (\"dangling pointer\").  The BIND process may abort with a segmentation violation or similar error.  If memory from the discarded message has not been reused or reclaimed, the validation might proceed normally.  Any kind of code execution from such an improper data read is unlikely."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:11.873Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5947",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5947"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SIG(0) validation during query flood may lead to undefined behavior",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5947",
        "datePublished": "2026-05-20T13:10:11.873Z",
        "dateReserved": "2026-04-09T06:40:58.672Z",
        "dateUpdated": "2026-06-30T12:11:11.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5946 (GCVE-0-2026-5946)

    Vulnerability from nvd – Published: 2026-05-20 13:10 – Updated: 2026-06-30 12:11
    Title
    Invalid handling of CLASS != IN
    Summary
    Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-125 - Out-of-bounds Read
    • CWE-617 - Reachable Assertion
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    • CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
    • CWE-1287 - Improper Validation of Specified Type of Input
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Mcsky23 for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5946",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:40:04.619504Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:40:20.966Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:32:55.602Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the bind component, specifically within the `named` daemon. This vulnerability allows a remote attacker to send specially crafted Domain Name System (DNS) messages. These messages, which use unusual classes or meta-classes, can trigger assertion failures in the `named` daemon when processed. Successful exploitation leads to an application level Denial of Service (DoS), making the DNS service unavailable."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1287",
                    "description": "Improper Validation of Specified Type of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:12.136Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5946"
              },
              {
                "name": "RHBZ#2479771",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479771"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5946.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24338"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23360"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24367"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24368"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20334"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24338: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24339: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23360: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24367: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24368: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20334: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:57:49.705Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:32:55.602Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via specially crafted DNS messages",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Mcsky23 for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) \u2014 for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths \u2014 recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data \u2014 can cause assertion failures in `named`.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker able to send specially crafted DNS messages to an affected `named` instance can cause it to terminate unexpectedly, resulting in a denial of service."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-843",
                  "description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:03.479Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5946",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5946"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Invalid handling of CLASS != IN",
          "workarounds": [
            {
              "lang": "en",
              "value": "Don\u0027t configure zones other than Internet (`IN`) class. Furthermore, do not expose the server that allows DNS Dynamic Update to the general Internet."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5946",
        "datePublished": "2026-05-20T13:10:03.479Z",
        "dateReserved": "2026-04-09T06:40:07.319Z",
        "dateUpdated": "2026-06-30T12:11:12.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3593 (GCVE-0-2026-3593)

    Vulnerability from nvd – Published: 2026-05-20 13:09 – Updated: 2026-06-30 12:09
    Title
    Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
    Summary
    A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.48 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Naresh Kandula Parmar (Nottiboy) for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3593",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:40:34.896109Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:40:45.166Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T11:59:02.348Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the BIND (Berkeley Internet Name Domain) DNS-over-HTTPS implementation. A remote attacker could send specially crafted HTTP/2 traffic to a DNS-over-HTTPS endpoint, leading to a use-after-free vulnerability. This could trigger memory corruption, potentially allowing the attacker to cause a denial of service or, in some cases, execute arbitrary code."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-825",
                    "description": "Expired Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:24.891Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3593"
              },
              {
                "name": "RHBZ#2479770",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479770"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3593.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7412"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:7412: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:55:25.800Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T11:59:02.348Z",
                "value": "Made public."
              }
            ],
            "title": "bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Naresh Kandula Parmar (Nottiboy) for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Crafted HTTP/2 traffic sent to a DNS-over-HTTPS endpoint can be used to trigger memory corruption."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:47.178Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3593",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3593"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Configurations not using DNS-over-HTTPS should not be affected.  Disabling DNS-over-HTTPS is likewise an effective workaround."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3593",
        "datePublished": "2026-05-20T13:09:47.178Z",
        "dateReserved": "2026-03-05T12:57:16.981Z",
        "dateUpdated": "2026-06-30T12:09:24.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3592 (GCVE-0-2026-3592)

    Vulnerability from nvd – Published: 2026-05-20 13:09 – Updated: 2026-05-20 13:42
    Title
    Amplification vulnerabilities via self-pointed glue records
    Summary
    BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-408 - Incorrect Behavior Order - Early Amplification
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Shuhan Zhang from Tsinghua University for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3592",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:42:13.661954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:42:21.764Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Shuhan Zhang from Tsinghua University for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack.  If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker may be able to cause the resolver to consume disproportionate amounts of bandwidth in the attempt to resolve the name.  Impairment of TCP may also be seen.\nThe issue predominately affects recursive resolvers.  Authoritative-only servers containing only trustworthy zones and names should be unaffected.  If an authoritative server can be induced to look up an attack domain (e.g., if loading a zone from an untrusted source), it may be possible to trigger the issue."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-408",
                  "description": "CWE-408 Incorrect Behavior Order - Early Amplification",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:21.547Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3592",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3592"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Amplification vulnerabilities via self-pointed glue records",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3592",
        "datePublished": "2026-05-20T13:09:21.547Z",
        "dateReserved": "2026-03-05T12:53:33.956Z",
        "dateUpdated": "2026-05-20T13:42:21.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3039 (GCVE-0-2026-3039)

    Vulnerability from nvd – Published: 2026-05-20 13:09 – Updated: 2026-06-30 12:08
    Title
    BIND 9 server memory exhaustion during GSS-API TKEY negotiation
    Summary
    BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-771 - Missing Reference to Active Allocated Resource
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.0.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.9.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:42:49.621351Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:43:00.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:24:11.051Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API (Generic Security Service Application Program Interface) tokens. This can lead to excessive memory consumption, resulting in a Denial of Service (DoS) for the affected server."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:08:20.151Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3039"
              },
              {
                "name": "RHBZ#2479767",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479767"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3039.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24338"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23360"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24367"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24368"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20334"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24338: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24339: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23360: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24367: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24368: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20334: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:48:19.212Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:24:11.051Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\n\nExample:\n```bash\n# Edit /etc/named.conf and remove or comment out lines related to tkey-gssapi-keytab or tkey-gssapi-credential.\n# For example, remove or comment out:\n# key \"gssapi-key\" {\n#     algorithm GSSAPI;\n#     secret \"BASE64_ENCODED_KEY\";\n# };\n#\n# Then reload the named service:\nsystemctl reload named\n```\nReloading the `named` service may cause a brief interruption in DNS resolution."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.9.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.9.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets.  Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker can construct and send packets to a BIND server that will cause it to allocate memory that is not subsequently released.  Depending on the volume and frequency of the packets received, named will eventually fail due to memory exhaustion."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-771",
                  "description": "CWE-771 Missing Reference to Active Allocated Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:04.126Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3039",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3039"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "BIND 9 server memory exhaustion during GSS-API TKEY negotiation",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3039",
        "datePublished": "2026-05-20T13:09:04.126Z",
        "dateReserved": "2026-02-23T16:28:45.411Z",
        "dateUpdated": "2026-06-30T12:08:20.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3591 (GCVE-0-2026-3591)

    Vulnerability from nvd – Published: 2026-03-25 13:34 – Updated: 2026-03-25 14:13
    Title
    A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass
    Summary
    A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access. Default-deny ACLs should fail-secure. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-562 - Return of Stack Variable Address
    • CWE-305 - Authentication Bypass by Primary Weakness
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Mcsky23 for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:12:43.295485Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:13:01.659Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Mcsky23 for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access. Default-deny ACLs should fail-secure.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker may be able to cause an ACL to improperly (mis)match an IP address.  In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-562",
                  "description": "CWE-562 Return of Stack Variable Address",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-305",
                  "description": "CWE-305 Authentication Bypass by Primary Weakness",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:34:14.202Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3591",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3591"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3591",
        "datePublished": "2026-03-25T13:34:14.202Z",
        "dateReserved": "2026-03-05T12:50:58.915Z",
        "dateUpdated": "2026-03-25T14:13:01.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3119 (GCVE-0-2026-3119)

    Vulnerability from nvd – Published: 2026-03-25 13:31 – Updated: 2026-03-25 14:13
    Title
    Authenticated query containing a TKEY record may cause named to terminate unexpectedly
    Summary
    Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the `named` configuration. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:13:41.579382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:13:54.588Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the `named` configuration.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If this situation is encountered, `named` will terminate unexpectedly."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:31:54.806Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3119",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3119"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Authenticated query containing a TKEY record may cause named to terminate unexpectedly",
          "workarounds": [
            {
              "lang": "en",
              "value": "Remove any TSIG keys that might be used by an attacker."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3119",
        "datePublished": "2026-03-25T13:31:54.806Z",
        "dateReserved": "2026-02-24T12:29:14.561Z",
        "dateUpdated": "2026-03-25T14:13:54.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3104 (GCVE-0-2026-3104)

    Vulnerability from nvd – Published: 2026-03-25 13:29 – Updated: 2026-06-30 12:08
    Title
    Memory leak in code preparing DNSSEC proofs of non-existence
    Summary
    A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-772 - Missing Release of Resource after Effective Lifetime
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:56:20.362810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:56:26.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T13:29:19.494Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the BIND resolver. A remote attacker can exploit this vulnerability by querying a specially crafted domain, which causes a memory leak. This memory leak can lead to a Denial of Service (DoS) condition, making the BIND resolver unavailable to legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-772",
                    "description": "Missing Release of Resource after Effective Lifetime",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:08:17.924Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3104"
              },
              {
                "name": "RHBZ#2451310",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451310"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3104.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T14:02:15.067Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T13:29:19.494Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via specially crafted domain query causing a memory leak",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, restrict access to the BIND resolver to trusted clients only. This can be achieved by configuring firewall rules to limit inbound connections to port 53 (UDP/TCP) from known, authorized IP addresses or networks. Alternatively, configure BIND to listen only on specific trusted interfaces or localhost.\n\nExample using firewalld:\n`firewall-cmd --permanent --add-rich-rule=\u0027rule family=\"ipv4\" source address=\"\u003cTRUSTED_IP_OR_NETWORK\u003e\" port port=53 protocol=\"udp\" accept\u0027`\n`firewall-cmd --permanent --add-rich-rule=\u0027rule family=\"ipv4\" source address=\"\u003cTRUSTED_IP_OR_NETWORK\u003e\" port port=53 protocol=\"tcp\" accept\u0027`\n`firewall-cmd --reload`\n\nAfter applying changes, a restart of the BIND service may be required for the new configuration to take full effect. This may temporarily interrupt DNS resolution services."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If a BIND resolver is asked to query a specially crafted domain, memory will not be recovered by `named`. This can cause unbounded growth of Resident Set Size (RSS) memory, which may lead to an out-of-memory condition. Additionally, `named` will exit with an assertion failure if a shutdown or reload is attempted."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-772",
                  "description": "CWE-772 Missing Release of Resource after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:29:19.494Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3104",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3104"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Memory leak in code preparing DNSSEC proofs of non-existence",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3104",
        "datePublished": "2026-03-25T13:29:19.494Z",
        "dateReserved": "2026-02-24T10:04:57.917Z",
        "dateUpdated": "2026-06-30T12:08:17.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1519 (GCVE-0-2026-1519)

    Vulnerability from nvd – Published: 2026-03-25 13:25 – Updated: 2026-06-30 12:07
    Title
    Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
    Summary
    If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked Input for Loop Condition
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    isc
    References
    URL Tags
    https://kb.isc.org/docs/cve-2026-1519 vendor-advisory
    https://downloads.isc.org/isc/bind9/9.18.47 patch
    https://downloads.isc.org/isc/bind9/9.20.21 patch
    https://downloads.isc.org/isc/bind9/9.21.20 patch
    https://lists.debian.org/debian-lts-announce/2026…
    https://access.redhat.com/security/cve/CVE-2026-1519 vdb-entry, x_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2451305 issue-tracking, x_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:11372 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11371 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24851 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8312 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8352 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8155 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16064 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16060 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25171 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15890 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25083 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29110 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25214 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24500 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24934 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8075 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:7915 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6935 vendor-advisory, x_refsource_REDHAT
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.46 (custom)
    Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)     cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)     cpe:/o:redhat:rhel_els:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server Optional (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.4)     cpe:/a:redhat:rhel_aus:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)     cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.6)     cpe:/a:redhat:rhel_aus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.6)     cpe:/a:redhat:rhel_e4s:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)     cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.6)     cpe:/a:redhat:rhel_tus:8.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.8)     cpe:/a:redhat:rhel_e4s:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.8)     cpe:/a:redhat:rhel_tus:8.8::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.4)     cpe:/a:redhat:rhel_e4s:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.4)     cpe:/o:redhat:rhel_aus:8.4::baseos
    Red Hat Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)     cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.6)     cpe:/o:redhat:rhel_aus:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.6)     cpe:/o:redhat:rhel_e4s:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.6)     cpe:/o:redhat:rhel_tus:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.8)     cpe:/o:redhat:rhel_e4s:8.8::baseos
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.8)     cpe:/o:redhat:rhel_tus:8.8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Samy Medjahed/Ap4sh for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1519",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:55:33.427270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:55:40.032Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-04-13T09:35:57.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T13:25:19.802Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service (DoS) for legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:09.467Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1519"
              },
              {
                "name": "RHBZ#2451305",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451305"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1519.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11372"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11371"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24851"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8312"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8352"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8155"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16064"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16060"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25171"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15890"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25083"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29110"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25214"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24500"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24934"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8075"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7915"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:11372: Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION), Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11371: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24851: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8312: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8352: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8155: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16064: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4), Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16060: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6), Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25171: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15890: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8), Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25083: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29110: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25214: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24500: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24934: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8075: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7915: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T14:01:56.586Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T13:25:19.802Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, disable DNSSEC validation on affected BIND resolvers. Alternatively, configure the BIND server as authoritative-only if recursive queries are not required. Disabling DNSSEC validation may reduce the security posture of the DNS resolver. A restart of the BIND service (`named`) is required for these changes to take effect and may temporarily interrupt DNS resolution."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Samy Medjahed/Ap4sh for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries).\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If this issue is encountered, the resolver may experience excessive CPU consumption and a sharp decrease in the number of queries per second that it can handle."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked Input for Loop Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:25:19.802Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-1519",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-1519"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.47"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.47, 9.20.21, 9.21.20, 9.18.47-S1, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Excessive NSEC3 iterations cause high CPU load during insecure delegation validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "This is not recommended, but disabling DNSSEC (`dnssec-validation no;`) prevents exploitation of this issue."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-1519",
        "datePublished": "2026-03-25T13:25:19.802Z",
        "dateReserved": "2026-01-28T09:54:49.514Z",
        "dateUpdated": "2026-06-30T12:07:09.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3608 (GCVE-0-2026-3608)

    Vulnerability from nvd – Published: 2026-03-25 08:46 – Updated: 2026-06-30 12:09
    Title
    Stack overflow in Kea daemons
    Summary
    Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Ali Norouzi of Keysight for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3608",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T13:26:04.073699Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T13:26:12.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-03-25T17:22:19.777Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/03/25/6"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T08:46:48.992Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Kea. A remote attacker can send a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener. This can cause a stack overflow error, leading to the daemon exiting and resulting in a Denial of Service (DoS)."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:23.983Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3608"
              },
              {
                "name": "RHBZ#2451139",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3608.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11344"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7342"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:11344: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7342: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T09:01:15.192Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T08:46:48.992Z",
                "value": "Made public."
              }
            ],
            "title": "Kea: Kea: Denial of Service via maliciously crafted message",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Kea",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "2.6.4",
                  "status": "affected",
                  "version": "2.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.0.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:kea:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "2.6.4",
                      "versionStartIncluding": "2.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:kea:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "3.0.2",
                      "versionStartIncluding": "3.0.0",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Ali Norouzi of Keysight for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error.\nThis issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Loss of DHCP services"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T08:46:48.992Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3608",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3608"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/kea/2.6.5"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/kea/3.0.3"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of Kea: 2.6.5 or 3.0.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Stack overflow in Kea daemons",
          "workarounds": [
            {
              "lang": "en",
              "value": "Securing the API sockets with TLS, and requiring the client to authenticate with a certificate (mutual authentication), prevents the attacker from establishing an API connection to Kea.  Set cert-required to true (the default) to require a client certificate.  See: https://kea.readthedocs.io/en/stable/arm/security.html#tls-https-configuration"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3608",
        "datePublished": "2026-03-25T08:46:48.992Z",
        "dateReserved": "2026-03-05T17:47:36.088Z",
        "dateUpdated": "2026-06-30T12:09:23.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13878 (GCVE-0-2025-13878)

    Vulnerability from nvd – Published: 2026-01-21 14:43 – Updated: 2026-06-30 12:07
    Title
    Malformed BRID/HHIT records can cause named to terminate unexpectedly
    Summary
    Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-617 - Reachable Assertion
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.18.40 , ≤ 9.18.43 (custom)
    Affected: 9.20.13 , ≤ 9.20.17 (custom)
    Affected: 9.21.12 , ≤ 9.21.16 (custom)
    Affected: 9.18.40-S1 , ≤ 9.18.43-S1 (custom)
    Affected: 9.20.13-S1 , ≤ 9.20.17-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-01-21 00:00
    Credits
    ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13878",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-21T14:57:50.807267Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-21T14:58:14.618Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-01-21T18:13:38.157Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/01/21/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-21T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in bind. A remote attacker can send a specially crafted request that results in a corrupt or malicious record, causing the \u0027named\u0027 service to crash. This vulnerability leads to a Denial of Service (DoS) for authoritative servers and resolvers."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1286",
                    "description": "Improper Validation of Syntactic Correctness of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:24.982Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-13878"
              },
              {
                "name": "RHBZ#2431600",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431600"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13878.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-21T13:45:49.972Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-21T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "bind: bind: Denial of Service via corrupt or malicious record",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.18.43",
                  "status": "affected",
                  "version": "9.18.40",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.17",
                  "status": "affected",
                  "version": "9.20.13",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.16",
                  "status": "affected",
                  "version": "9.21.12",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.43-S1",
                  "status": "affected",
                  "version": "9.18.40-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.17-S1",
                  "status": "affected",
                  "version": "9.20.13-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.43",
                      "versionStartIncluding": "9.18.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.17",
                      "versionStartIncluding": "9.20.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.16",
                      "versionStartIncluding": "9.21.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.43-S1",
                      "versionStartIncluding": "9.18.40-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.17-S1",
                      "versionStartIncluding": "9.20.13-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-01-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Malformed BRID/HHIT records can cause `named` to terminate unexpectedly.\nThis issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker can cause `named` to crash by sending a request that results in a corrupt or malicious record."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-21T14:43:27.260Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2025-13878",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2025-13878"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.44"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.18"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.44, 9.20.18, 9.21.17, 9.18.44-S1, or 9.20.18-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Malformed BRID/HHIT records can cause named to terminate unexpectedly",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2025-13878",
        "datePublished": "2026-01-21T14:43:27.260Z",
        "dateReserved": "2025-12-02T11:08:04.266Z",
        "dateUpdated": "2026-06-30T12:07:24.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11232 (GCVE-0-2025-11232)

    Vulnerability from nvd – Published: 2025-10-29 18:02 – Updated: 2025-11-04 21:09
    Title
    Invalid characters cause assert
    Summary
    To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-823 - Use of Out-of-range Pointer Offset
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC Kea Affected: 3.0.1 , ≤ 3.0.1 (custom)
    Affected: 3.1.1 , ≤ 3.1.2 (custom)
    Unaffected: 2.6.0 , ≤ 2.6.4 (custom)
    Unaffected: 2.7.0 , ≤ 2.7.9 (custom)
    Unaffected: 3.0.0 , ≤ 3.0.0 (custom)
    Unaffected: 3.1.0 , ≤ 3.1.0 (custom)
    Date Public
    2025-10-29 00:00
    Credits
    ISC would like to thank Siniša Uskoković and Ralf Steuer from Vienna University of Economics and Business for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-29T18:22:07.119804Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-29T18:22:23.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:09:09.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/10/29/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Kea",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.1",
                  "status": "affected",
                  "version": "3.0.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.1.2",
                  "status": "affected",
                  "version": "3.1.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "2.6.4",
                  "status": "unaffected",
                  "version": "2.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "2.7.9",
                  "status": "unaffected",
                  "version": "2.7.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.0.0",
                  "status": "unaffected",
                  "version": "3.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.1.0",
                  "status": "unaffected",
                  "version": "3.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Sini\u0161a Uskokovi\u0107 and Ralf Steuer from Vienna University of Economics and Business for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2025-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "To trigger the issue, three configuration parameters must have specific settings: \"hostname-char-set\" must be left at the default setting, which is \"[^A-Za-z0-9.-]\"; \"hostname-char-replacement\" must be empty (the default); and \"ddns-qualifying-suffix\" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly.\nThis issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "A denial of service from the repeated attacks against the Kea server"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-823",
                  "description": "CWE-823 Use of Out-of-range Pointer Offset",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-29T18:02:39.421Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2025-11232",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2025-11232"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of Kea: 3.0.2 or 3.1.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Invalid characters cause assert",
          "workarounds": [
            {
              "lang": "en",
              "value": "Setting \"hostname-char-replacement\" to anything other than an empty value (suggestion: \"x\") is an effective workaround to this issue, regardless of other settings."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2025-11232",
        "datePublished": "2025-10-29T18:02:39.421Z",
        "dateReserved": "2025-10-01T15:15:46.992Z",
        "dateUpdated": "2025-11-04T21:09:09.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5950 (GCVE-0-2026-5950)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:10 – Updated: 2026-05-20 13:38
    Title
    Unbounded resend loop in BIND 9 resolver
    Summary
    An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked Input for Loop Condition
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.18.36 , ≤ 9.18.48 (custom)
    Affected: 9.20.8 , ≤ 9.20.22 (custom)
    Affected: 9.21.7 , ≤ 9.21.21 (custom)
    Affected: 9.18.36-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Billy Baraja (BielraX) for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5950",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:38:40.421994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:38:53.211Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.36",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.8",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.7",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.36-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.36",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.8",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.7",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.36-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Billy Baraja (BielraX) for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions.\nThis issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Severe resource exhaustion."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked Input for Loop Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:19.989Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5950",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5950"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Unbounded resend loop in BIND 9 resolver",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5950",
        "datePublished": "2026-05-20T13:10:19.989Z",
        "dateReserved": "2026-04-09T06:42:23.953Z",
        "dateUpdated": "2026-05-20T13:38:53.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5947 (GCVE-0-2026-5947)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:10 – Updated: 2026-06-30 12:11
    Title
    SIG(0) validation during query flood may lead to undefined behavior
    Summary
    Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
    • CWE-416 - Use After Free
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Unaffected: 9.18.28 , ≤ 9.18.49 (custom)
    Unaffected: 9.18.28-S1 , ≤ 9.18.49-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5947",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:39:15.454199Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:39:38.654Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:15:50.513Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker could exploit a race condition during SIG(0) signature validation of an incoming DNS message. If the \"recursive-clients\" limit is reached and the message is discarded, a use-after-free vulnerability may occur. This could lead to undefined behavior and potentially result in a denial of service."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-367",
                    "description": "Time-of-check Time-of-use (TOCTOU) Race Condition",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:11.730Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5947"
              },
              {
                "name": "RHBZ#2479772",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479772"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5947.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7412"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:7412: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:59:51.277Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:15:50.513Z",
                "value": "Made public."
              }
            ],
            "title": "bind: SIG(0) validation during query flood may lead to undefined behavior",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.49",
                  "status": "unaffected",
                  "version": "9.18.28",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.49-S1",
                  "status": "unaffected",
                  "version": "9.18.28-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.49",
                      "versionStartIncluding": "9.18.28",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.49-S1",
                      "versionStartIncluding": "9.18.28-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "The use of memory after it is freed is undefined (\"dangling pointer\").  The BIND process may abort with a segmentation violation or similar error.  If memory from the discarded message has not been reused or reclaimed, the validation might proceed normally.  Any kind of code execution from such an improper data read is unlikely."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:11.873Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5947",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5947"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SIG(0) validation during query flood may lead to undefined behavior",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5947",
        "datePublished": "2026-05-20T13:10:11.873Z",
        "dateReserved": "2026-04-09T06:40:58.672Z",
        "dateUpdated": "2026-06-30T12:11:11.730Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5946 (GCVE-0-2026-5946)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:10 – Updated: 2026-06-30 12:11
    Title
    Invalid handling of CLASS != IN
    Summary
    Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    • CWE-125 - Out-of-bounds Read
    • CWE-617 - Reachable Assertion
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    • CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
    • CWE-1287 - Improper Validation of Specified Type of Input
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Mcsky23 for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5946",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:40:04.619504Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:40:20.966Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:32:55.602Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the bind component, specifically within the `named` daemon. This vulnerability allows a remote attacker to send specially crafted Domain Name System (DNS) messages. These messages, which use unusual classes or meta-classes, can trigger assertion failures in the `named` daemon when processed. Successful exploitation leads to an application level Denial of Service (DoS), making the DNS service unavailable."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1287",
                    "description": "Improper Validation of Specified Type of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:11:12.136Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-5946"
              },
              {
                "name": "RHBZ#2479771",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479771"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5946.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24338"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23360"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24367"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24368"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20334"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24338: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24339: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23360: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24367: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24368: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20334: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:57:49.705Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:32:55.602Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via specially crafted DNS messages",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Mcsky23 for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) \u2014 for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths \u2014 recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data \u2014 can cause assertion failures in `named`.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker able to send specially crafted DNS messages to an affected `named` instance can cause it to terminate unexpectedly, resulting in a denial of service."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125 Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-754",
                  "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-843",
                  "description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:10:03.479Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-5946",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-5946"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Invalid handling of CLASS != IN",
          "workarounds": [
            {
              "lang": "en",
              "value": "Don\u0027t configure zones other than Internet (`IN`) class. Furthermore, do not expose the server that allows DNS Dynamic Update to the general Internet."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-5946",
        "datePublished": "2026-05-20T13:10:03.479Z",
        "dateReserved": "2026-04-09T06:40:07.319Z",
        "dateUpdated": "2026-06-30T12:11:12.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3593 (GCVE-0-2026-3593)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:09 – Updated: 2026-06-30 12:09
    Title
    Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
    Summary
    A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.
    SSVC
    Exploitation: none; Automatable: no; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.48 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Naresh Kandula Parmar (Nottiboy) for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3593",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:40:34.896109Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:40:45.166Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T11:59:02.348Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the BIND (Berkeley Internet Name Domain) DNS-over-HTTPS implementation. A remote attacker could send specially crafted HTTP/2 traffic to a DNS-over-HTTPS endpoint, leading to a use-after-free vulnerability. This could trigger memory corruption, potentially allowing the attacker to cause a denial of service or, in some cases, execute arbitrary code."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.4,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-825",
                    "description": "Expired Pointer Dereference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:24.891Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3593"
              },
              {
                "name": "RHBZ#2479770",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479770"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3593.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7412"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:7412: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:55:25.800Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T11:59:02.348Z",
                "value": "Made public."
              }
            ],
            "title": "bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Naresh Kandula Parmar (Nottiboy) for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Crafted HTTP/2 traffic sent to a DNS-over-HTTPS endpoint can be used to trigger memory corruption."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416 Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:47.178Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3593",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3593"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation",
          "workarounds": [
            {
              "lang": "en",
              "value": "Configurations not using DNS-over-HTTPS should not be affected.  Disabling DNS-over-HTTPS is likewise an effective workaround."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3593",
        "datePublished": "2026-05-20T13:09:47.178Z",
        "dateReserved": "2026-03-05T12:57:16.981Z",
        "dateUpdated": "2026-06-30T12:09:24.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3592 (GCVE-0-2026-3592)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:09 – Updated: 2026-05-20 13:42
    Title
    Amplification vulnerabilities via self-pointed glue records
    Summary
    BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-408 - Incorrect Behavior Order - Early Amplification
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Shuhan Zhang from Tsinghua University for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3592",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:42:13.661954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:42:21.764Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Shuhan Zhang from Tsinghua University for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack.  If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker may be able to cause the resolver to consume disproportionate amounts of bandwidth in the attempt to resolve the name.  Impairment of TCP may also be seen.\nThe issue predominately affects recursive resolvers.  Authoritative-only servers containing only trustworthy zones and names should be unaffected.  If an authoritative server can be induced to look up an attack domain (e.g., if loading a zone from an untrusted source), it may be possible to trigger the issue."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-408",
                  "description": "CWE-408 Incorrect Behavior Order - Early Amplification",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:21.547Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3592",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3592"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Amplification vulnerabilities via self-pointed glue records",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3592",
        "datePublished": "2026-05-20T13:09:21.547Z",
        "dateReserved": "2026-03-05T12:53:33.956Z",
        "dateUpdated": "2026-05-20T13:42:21.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3039 (GCVE-0-2026-3039)

    Vulnerability from cvelistv5 – Published: 2026-05-20 13:09 – Updated: 2026-06-30 12:08
    Title
    BIND 9 server memory exhaustion during GSS-API TKEY negotiation
    Summary
    BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-771 - Missing Reference to Active Allocated Resource
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.0.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.48 (custom)
    Affected: 9.20.0 , ≤ 9.20.22 (custom)
    Affected: 9.21.0 , ≤ 9.21.21 (custom)
    Affected: 9.9.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.48-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom)
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.2
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-05-20 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T13:42:49.621351Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-20T13:43:00.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-21T12:24:11.051Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API (Generic Security Service Application Program Interface) tokens. This can lead to excessive memory consumption, resulting in a Denial of Service (DoS) for the affected server."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:08:20.151Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3039"
              },
              {
                "name": "RHBZ#2479767",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479767"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3039.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24338"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:23360"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24367"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24368"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:20334"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:24338: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24339: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:23360: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24367: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24368: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:20334: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-19T09:48:19.212Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-21T12:24:11.051Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\n\nExample:\n```bash\n# Edit /etc/named.conf and remove or comment out lines related to tkey-gssapi-keytab or tkey-gssapi-credential.\n# For example, remove or comment out:\n# key \"gssapi-key\" {\n#     algorithm GSSAPI;\n#     secret \"BASE64_ENCODED_KEY\";\n# };\n#\n# Then reload the named service:\nsystemctl reload named\n```\nReloading the `named` service may cause a brief interruption in DNS resolution."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.21",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.9.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.48-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.22-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.21",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.9.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.48-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.22-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets.  Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments.\nThis issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker can construct and send packets to a BIND server that will cause it to allocate memory that is not subsequently released.  Depending on the volume and frequency of the packets received, named will eventually fail due to memory exhaustion."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-771",
                  "description": "CWE-771 Missing Reference to Active Allocated Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T13:09:04.126Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3039",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3039"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.49"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.23"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.22"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.49, 9.20.23, 9.21.22, 9.18.49-S1, or 9.20.23-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "BIND 9 server memory exhaustion during GSS-API TKEY negotiation",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3039",
        "datePublished": "2026-05-20T13:09:04.126Z",
        "dateReserved": "2026-02-23T16:28:45.411Z",
        "dateUpdated": "2026-06-30T12:08:20.151Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3591 (GCVE-0-2026-3591)

    Vulnerability from cvelistv5 – Published: 2026-03-25 13:34 – Updated: 2026-03-25 14:13
    Title
    A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass
    Summary
    A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access. Default-deny ACLs should fail-secure. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-562 - Return of Stack Variable Address
    • CWE-305 - Authentication Bypass by Primary Weakness
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Mcsky23 for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:12:43.295485Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:13:01.659Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Mcsky23 for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access. Default-deny ACLs should fail-secure.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker may be able to cause an ACL to improperly (mis)match an IP address.  In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-562",
                  "description": "CWE-562 Return of Stack Variable Address",
                  "lang": "en",
                  "type": "CWE"
                },
                {
                  "cweId": "CWE-305",
                  "description": "CWE-305 Authentication Bypass by Primary Weakness",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:34:14.202Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3591",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3591"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3591",
        "datePublished": "2026-03-25T13:34:14.202Z",
        "dateReserved": "2026-03-05T12:50:58.915Z",
        "dateUpdated": "2026-03-25T14:13:01.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3119 (GCVE-0-2026-3119)

    Vulnerability from cvelistv5 – Published: 2026-03-25 13:31 – Updated: 2026-03-25 14:13
    Title
    Authenticated query containing a TKEY record may cause named to terminate unexpectedly
    Summary
    Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the `named` configuration. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:13:41.579382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:13:54.588Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the `named` configuration.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If this situation is encountered, `named` will terminate unexpectedly."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:31:54.806Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3119",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3119"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Authenticated query containing a TKEY record may cause named to terminate unexpectedly",
          "workarounds": [
            {
              "lang": "en",
              "value": "Remove any TSIG keys that might be used by an attacker."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3119",
        "datePublished": "2026-03-25T13:31:54.806Z",
        "dateReserved": "2026-02-24T12:29:14.561Z",
        "dateUpdated": "2026-03-25T14:13:54.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3104 (GCVE-0-2026-3104)

    Vulnerability from cvelistv5 – Published: 2026-03-25 13:29 – Updated: 2026-06-30 12:08
    Title
    Memory leak in code preparing DNSSEC proofs of non-existence
    Summary
    A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-772 - Missing Release of Resource after Effective Lifetime
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Unaffected: 9.18.0 , ≤ 9.18.46 (custom)
    Unaffected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:56:20.362810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:56:26.373Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T13:29:19.494Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the BIND resolver. A remote attacker can exploit this vulnerability by querying a specially crafted domain, which causes a memory leak. This memory leak can lead to a Denial of Service (DoS) condition, making the BIND resolver unavailable to legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-772",
                    "description": "Missing Release of Resource after Effective Lifetime",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:08:17.924Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3104"
              },
              {
                "name": "RHBZ#2451310",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451310"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3104.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T14:02:15.067Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T13:29:19.494Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via specially crafted domain query causing a memory leak",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, restrict access to the BIND resolver to trusted clients only. This can be achieved by configuring firewall rules to limit inbound connections to port 53 (UDP/TCP) from known, authorized IP addresses or networks. Alternatively, configure BIND to listen only on specific trusted interfaces or localhost.\n\nExample using firewalld:\n`firewall-cmd --permanent --add-rich-rule=\u0027rule family=\"ipv4\" source address=\"\u003cTRUSTED_IP_OR_NETWORK\u003e\" port port=53 protocol=\"udp\" accept\u0027`\n`firewall-cmd --permanent --add-rich-rule=\u0027rule family=\"ipv4\" source address=\"\u003cTRUSTED_IP_OR_NETWORK\u003e\" port port=53 protocol=\"tcp\" accept\u0027`\n`firewall-cmd --reload`\n\nAfter applying changes, a restart of the BIND service may be required for the new configuration to take full effect. This may temporarily interrupt DNS resolution services."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "unaffected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "unaffected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": false
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vitaly Simonovich for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.\nBIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If a BIND resolver is asked to query a specially crafted domain, memory will not be recovered by `named`. This can cause unbounded growth of Resident Set Size (RSS) memory, which may lead to an out-of-memory condition. Additionally, `named` will exit with an assertion failure if a shutdown or reload is attempted."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-772",
                  "description": "CWE-772 Missing Release of Resource after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:29:19.494Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3104",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3104"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.21, 9.21.20, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Memory leak in code preparing DNSSEC proofs of non-existence",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3104",
        "datePublished": "2026-03-25T13:29:19.494Z",
        "dateReserved": "2026-02-24T10:04:57.917Z",
        "dateUpdated": "2026-06-30T12:08:17.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1519 (GCVE-0-2026-1519)

    Vulnerability from cvelistv5 – Published: 2026-03-25 13:25 – Updated: 2026-06-30 12:07
    Title
    Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
    Summary
    If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-606 - Unchecked Input for Loop Condition
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    isc
    References
    URL Tags
    https://kb.isc.org/docs/cve-2026-1519 vendor-advisory
    https://downloads.isc.org/isc/bind9/9.18.47 patch
    https://downloads.isc.org/isc/bind9/9.20.21 patch
    https://downloads.isc.org/isc/bind9/9.21.20 patch
    https://lists.debian.org/debian-lts-announce/2026…
    https://access.redhat.com/security/cve/CVE-2026-1519 vdb-entry, x_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2451305 issue-tracking, x_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:11372 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:11371 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24851 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8312 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8352 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8155 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16064 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16060 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25171 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15890 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25083 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:29110 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:25214 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24500 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:24934 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:8075 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:7915 vendor-advisory, x_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:6935 vendor-advisory, x_refsource_REDHAT
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.11.0 , ≤ 9.16.50 (custom)
    Affected: 9.18.0 , ≤ 9.18.46 (custom)
    Affected: 9.20.0 , ≤ 9.20.20 (custom)
    Affected: 9.21.0 , ≤ 9.21.19 (custom)
    Affected: 9.11.3-S1 , ≤ 9.16.50-S1 (custom)
    Affected: 9.18.11-S1 , ≤ 9.18.46-S1 (custom)
    Affected: 9.20.9-S1 , ≤ 9.20.20-S1 (custom)
    Red Hat Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)     cpe:/o:redhat:rhel_els:6
    Red Hat Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)     cpe:/o:redhat:rhel_els:6
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Red Hat Red Hat Enterprise Linux Server Optional (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
    Red Hat Red Hat Enterprise Linux AppStream (v. 8)     cpe:/a:redhat:enterprise_linux:8::appstream
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.4)     cpe:/a:redhat:rhel_aus:8.4::appstream
    Red Hat Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)     cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    Red Hat Red Hat Enterprise Linux AppStream AUS (v.8.6)     cpe:/a:redhat:rhel_aus:8.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.6)     cpe:/a:redhat:rhel_e4s:8.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)     cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.6)     cpe:/a:redhat:rhel_tus:8.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.8.8)     cpe:/a:redhat:rhel_e4s:8.8::appstream
    Red Hat Red Hat Enterprise Linux AppStream TUS (v.8.8)     cpe:/a:redhat:rhel_tus:8.8::appstream
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::appstream
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.4)     cpe:/a:redhat:rhel_e4s:9.4::appstream
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.4)     cpe:/o:redhat:rhel_aus:8.4::baseos
    Red Hat Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)     cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.6)     cpe:/o:redhat:rhel_aus:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.6)     cpe:/o:redhat:rhel_e4s:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.6)     cpe:/o:redhat:rhel_tus:8.6::baseos
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.8)     cpe:/o:redhat:rhel_e4s:8.8::baseos
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.8)     cpe:/o:redhat:rhel_tus:8.8::baseos
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Samy Medjahed/Ap4sh for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1519",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T14:55:33.427270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T14:55:40.032Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-04-13T09:35:57.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00008.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_aus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:8.8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_tus:8.8::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T13:25:19.802Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service (DoS) for legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:09.467Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-1519"
              },
              {
                "name": "RHBZ#2451305",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451305"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1519.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11372"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11371"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24851"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8312"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8352"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8155"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16064"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16060"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25171"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15890"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25083"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:29110"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:25214"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24500"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:24934"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:8075"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7915"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:11372: Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION), Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:11371: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24851: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8312: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8352: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8155: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16064: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4), Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16060: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6), Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25171: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15890: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8), Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25083: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:29110: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:25214: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24500: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:24934: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:8075: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7915: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T14:01:56.586Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T13:25:19.802Z",
                "value": "Made public."
              }
            ],
            "title": "bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone",
            "workarounds": [
              {
                "lang": "en",
                "value": "To mitigate this issue, disable DNSSEC validation on affected BIND resolvers. Alternatively, configure the BIND server as authoritative-only if recursive queries are not required. Disabling DNSSEC validation may reduce the security posture of the DNS resolver. A restart of the BIND service (`named`) is required for these changes to take effect and may temporarily interrupt DNS resolution."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.16.50",
                  "status": "affected",
                  "version": "9.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46",
                  "status": "affected",
                  "version": "9.18.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20",
                  "status": "affected",
                  "version": "9.20.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.19",
                  "status": "affected",
                  "version": "9.21.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.16.50-S1",
                  "status": "affected",
                  "version": "9.11.3-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.46-S1",
                  "status": "affected",
                  "version": "9.18.11-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.20-S1",
                  "status": "affected",
                  "version": "9.20.9-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50",
                      "versionStartIncluding": "9.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46",
                      "versionStartIncluding": "9.18.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20",
                      "versionStartIncluding": "9.20.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.19",
                      "versionStartIncluding": "9.21.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.16.50-S1",
                      "versionStartIncluding": "9.11.3-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.46-S1",
                      "versionStartIncluding": "9.18.11-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.20-S1",
                      "versionStartIncluding": "9.20.9-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Samy Medjahed/Ap4sh for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries).\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "If this issue is encountered, the resolver may experience excessive CPU consumption and a sharp decrease in the number of queries per second that it can handle."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-606",
                  "description": "CWE-606 Unchecked Input for Loop Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T13:25:19.802Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-1519",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-1519"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.47"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.21"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.20"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.47, 9.20.21, 9.21.20, 9.18.47-S1, or 9.20.21-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Excessive NSEC3 iterations cause high CPU load during insecure delegation validation",
          "workarounds": [
            {
              "lang": "en",
              "value": "This is not recommended, but disabling DNSSEC (`dnssec-validation no;`) prevents exploitation of this issue."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-1519",
        "datePublished": "2026-03-25T13:25:19.802Z",
        "dateReserved": "2026-01-28T09:54:49.514Z",
        "dateUpdated": "2026-06-30T12:07:09.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-3608 (GCVE-0-2026-3608)

    Vulnerability from cvelistv5 – Published: 2026-03-25 08:46 – Updated: 2026-06-30 12:09
    Title
    Stack overflow in Kea daemons
    Summary
    Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    isc
    Date Public
    2026-03-25 00:00
    Credits
    ISC would like to thank Ali Norouzi of Keysight for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3608",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-25T13:26:04.073699Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-25T13:26:12.153Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-03-25T17:22:19.777Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/03/25/6"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-03-25T08:46:48.992Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Kea. A remote attacker can send a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener. This can cause a stack overflow error, leading to the daemon exiting and resulting in a Denial of Service (DoS)."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-617",
                    "description": "Reachable Assertion",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:09:23.983Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-3608"
              },
              {
                "name": "RHBZ#2451139",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3608.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:11344"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:7342"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:11344: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:7342: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-03-25T09:01:15.192Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-03-25T08:46:48.992Z",
                "value": "Made public."
              }
            ],
            "title": "Kea: Kea: Denial of Service via maliciously crafted message",
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Kea",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "2.6.4",
                  "status": "affected",
                  "version": "2.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.0.2",
                  "status": "affected",
                  "version": "3.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:kea:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "2.6.4",
                      "versionStartIncluding": "2.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:kea:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "3.0.2",
                      "versionStartIncluding": "3.0.0",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Ali Norouzi of Keysight for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error.\nThis issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Loss of DHCP services"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-25T08:46:48.992Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2026-3608",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2026-3608"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/kea/2.6.5"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/kea/3.0.3"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of Kea: 2.6.5 or 3.0.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Stack overflow in Kea daemons",
          "workarounds": [
            {
              "lang": "en",
              "value": "Securing the API sockets with TLS, and requiring the client to authenticate with a certificate (mutual authentication), prevents the attacker from establishing an API connection to Kea.  Set cert-required to true (the default) to require a client certificate.  See: https://kea.readthedocs.io/en/stable/arm/security.html#tls-https-configuration"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2026-3608",
        "datePublished": "2026-03-25T08:46:48.992Z",
        "dateReserved": "2026-03-05T17:47:36.088Z",
        "dateUpdated": "2026-06-30T12:09:23.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13878 (GCVE-0-2025-13878)

    Vulnerability from cvelistv5 – Published: 2026-01-21 14:43 – Updated: 2026-06-30 12:07
    Title
    Malformed BRID/HHIT records can cause named to terminate unexpectedly
    Summary
    Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-617 - Reachable Assertion
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC BIND 9 Affected: 9.18.40 , ≤ 9.18.43 (custom)
    Affected: 9.20.13 , ≤ 9.20.17 (custom)
    Affected: 9.21.12 , ≤ 9.21.16 (custom)
    Affected: 9.18.40-S1 , ≤ 9.18.43-S1 (custom)
    Affected: 9.20.13-S1 , ≤ 9.20.17-S1 (custom)
    Red Hat Red Hat Hardened Images     cpe:/a:redhat:hummingbird:1
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Date Public
    2026-01-21 00:00
    Credits
    ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13878",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-21T14:57:50.807267Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-21T14:58:14.618Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-01-21T18:13:38.157Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/01/21/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:hummingbird:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Hardened Images",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat OpenShift Container Platform 4",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-01-21T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in bind. A remote attacker can send a specially crafted request that results in a corrupt or malicious record, causing the \u0027named\u0027 service to crash. This vulnerability leads to a Denial of Service (DoS) for authoritative servers and resolvers."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1286",
                    "description": "Improper Validation of Syntactic Correctness of Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:07:24.982Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2025-13878"
              },
              {
                "name": "RHBZ#2431600",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431600"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-13878.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:6935"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:6935: Red Hat Hardened Images"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-01-21T13:45:49.972Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-01-21T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "bind: bind: Denial of Service via corrupt or malicious record",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BIND 9",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "9.18.43",
                  "status": "affected",
                  "version": "9.18.40",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.17",
                  "status": "affected",
                  "version": "9.20.13",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.21.16",
                  "status": "affected",
                  "version": "9.21.12",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.18.43-S1",
                  "status": "affected",
                  "version": "9.18.40-S1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.20.17-S1",
                  "status": "affected",
                  "version": "9.20.13-S1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.43",
                      "versionStartIncluding": "9.18.40",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.17",
                      "versionStartIncluding": "9.20.13",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.21.16",
                      "versionStartIncluding": "9.21.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.18.43-S1",
                      "versionStartIncluding": "9.18.40-S1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "9.20.17-S1",
                      "versionStartIncluding": "9.20.13-S1",
                      "vulnerable": true
                    }
                  ],
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Vlatko Kosturjak from Marlink Cyber for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2026-01-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Malformed BRID/HHIT records can cause `named` to terminate unexpectedly.\nThis issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "An attacker can cause `named` to crash by sending a request that results in a corrupt or malicious record."
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-617",
                  "description": "CWE-617 Reachable Assertion",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-21T14:43:27.260Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2025-13878",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2025-13878"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.18.44"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.20.18"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://downloads.isc.org/isc/bind9/9.21.17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.44, 9.20.18, 9.21.17, 9.18.44-S1, or 9.20.18-S1."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Malformed BRID/HHIT records can cause named to terminate unexpectedly",
          "workarounds": [
            {
              "lang": "en",
              "value": "No workarounds known."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2025-13878",
        "datePublished": "2026-01-21T14:43:27.260Z",
        "dateReserved": "2025-12-02T11:08:04.266Z",
        "dateUpdated": "2026-06-30T12:07:24.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11232 (GCVE-0-2025-11232)

    Vulnerability from cvelistv5 – Published: 2025-10-29 18:02 – Updated: 2025-11-04 21:09
    Title
    Invalid characters cause assert
    Summary
    To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-823 - Use of Out-of-range Pointer Offset
    Assigner
    isc
    Impacted products
    Vendor Product Version
    ISC Kea Affected: 3.0.1 , ≤ 3.0.1 (custom)
    Affected: 3.1.1 , ≤ 3.1.2 (custom)
    Unaffected: 2.6.0 , ≤ 2.6.4 (custom)
    Unaffected: 2.7.0 , ≤ 2.7.9 (custom)
    Unaffected: 3.0.0 , ≤ 3.0.0 (custom)
    Unaffected: 3.1.0 , ≤ 3.1.0 (custom)
    Date Public
    2025-10-29 00:00
    Credits
    ISC would like to thank Siniša Uskoković and Ralf Steuer from Vienna University of Economics and Business for bringing this vulnerability to our attention.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-29T18:22:07.119804Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-29T18:22:23.455Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T21:09:09.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/10/29/5"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Kea",
              "vendor": "ISC",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.1",
                  "status": "affected",
                  "version": "3.0.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.1.2",
                  "status": "affected",
                  "version": "3.1.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "2.6.4",
                  "status": "unaffected",
                  "version": "2.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "2.7.9",
                  "status": "unaffected",
                  "version": "2.7.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.0.0",
                  "status": "unaffected",
                  "version": "3.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "3.1.0",
                  "status": "unaffected",
                  "version": "3.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ISC would like to thank Sini\u0161a Uskokovi\u0107 and Ralf Steuer from Vienna University of Economics and Business for bringing this vulnerability to our attention."
            }
          ],
          "datePublic": "2025-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "To trigger the issue, three configuration parameters must have specific settings: \"hostname-char-set\" must be left at the default setting, which is \"[^A-Za-z0-9.-]\"; \"hostname-char-replacement\" must be empty (the default); and \"ddns-qualifying-suffix\" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly.\nThis issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "We are not aware of any active exploits."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "A denial of service from the repeated attacks against the Kea server"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-823",
                  "description": "CWE-823 Use of Out-of-range Pointer Offset",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-29T18:02:39.421Z",
            "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
            "shortName": "isc"
          },
          "references": [
            {
              "name": "CVE-2025-11232",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://kb.isc.org/docs/cve-2025-11232"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to the patched release most closely related to your current version of Kea: 3.0.2 or 3.1.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Invalid characters cause assert",
          "workarounds": [
            {
              "lang": "en",
              "value": "Setting \"hostname-char-replacement\" to anything other than an empty value (suggestion: \"x\") is an effective workaround to this issue, regardless of other settings."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "assignerShortName": "isc",
        "cveId": "CVE-2025-11232",
        "datePublished": "2025-10-29T18:02:39.421Z",
        "dateReserved": "2025-10-01T15:15:46.992Z",
        "dateUpdated": "2025-11-04T21:09:09.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }