ISC BIND 9
60 CVEs affecting ISC BIND 9. Latest disclosed: 2026-05-20. Critical: 0, High: 42.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-40780 | High | 8.6 | 2025-10-22 | In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source po… |
| CVE-2025-40778 | High | 8.6 | 2025-10-22 | Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue aff… |
| CVE-2025-40776 | High | 8.6 | 2025-07-16 | A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9… |
| CVE-2026-5947 | High | 7.5 | 2026-05-20 | Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it b… |
| CVE-2026-5946 | High | 7.5 | 2026-05-20 | Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, o… |
| CVE-2026-3039 | High | 7.5 | 2026-05-20 | BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processi… |
| CVE-2026-3104 | High | 7.5 | 2026-03-25 | A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 thro… |
| CVE-2026-1519 | High | 7.5 | 2026-03-25 | If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only server… |
| CVE-2025-13878 | High | 7.5 | 2026-01-21 | Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9… |
| CVE-2025-8677 | High | 7.5 | 2025-10-22 | Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions… |
| CVE-2025-40777 | High | 7.5 | 2025-07-16 | If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other… |
| CVE-2025-40775 | High | 7.5 | 2025-05-21 | When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm f… |
| CVE-2024-12705 | High | 7.5 | 2025-01-29 | Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affec… |
| CVE-2024-11187 | High | 7.5 | 2025-01-29 | It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker send… |
| CVE-2024-4076 | High | 7.5 | 2024-07-23 | Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue af… |
| CVE-2024-1975 | High | 7.5 | 2024-07-23 | If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a cli… |
| CVE-2024-1737 | High | 7.5 | 2024-07-23 | Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance… |
| CVE-2024-0760 | High | 7.5 | 2024-07-23 | A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recov… |
| CVE-2023-6516 | High | 7.5 | 2024-02-13 | To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, includin… |
| CVE-2023-5679 | High | 7.5 | 2024-02-13 | A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features a… |