Vendor

ISC

3 briefs RSS

CVE-2026-3039: BIND TKEY Authentication Memory Consumption Vulnerability

BIND servers configured for TKEY-based authentication using GSS-API tokens are susceptible to excessive memory consumption upon receiving and processing crafted packets, impacting availability.

BIND 9 cve cve-2026-3039 bind9 denial-of-service memory-consumption

2r 1t 1c 7h ago

high advisory

ISC BIND Use-After-Free Vulnerability Due to Race Condition (CVE-2026-5947)

2 rules 1 CVE

A race condition in ISC BIND can lead to a use-after-free vulnerability (CVE-2026-5947) when handling SIG(0) signed DNS messages, potentially leading to undefined behavior.

BIND 9 +2 cve dns use-after-free denial-of-service

2r 1c 7h ago

medium advisory

CVE-2026-5946: BIND 9 `named` Assertion Failure Vulnerability

2 rules 1 CVE

Multiple flaws in BIND 9's `named` component, specifically versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1, can be exploited by sending specially crafted DNS requests with non-`IN` CLASS or meta-classes, leading to assertion failures and potential denial-of-service.

BIND 9 denial-of-service dns bind9 CVE-2026-5946

2r 1c 7h ago