BIND 9 — Vulnerabilities & Security Advisories 54

All 54 CVE vulnerabilities found in BIND 9, with AI-generated Chinese analysis, references, and POCs.

Vendor: ISC

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-3591 | A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass | CWE-562 | 5.4 | Medium | 2026-03-25 |
| CVE-2026-3119 | Authenticated query containing a TKEY record may cause named to terminate unexpectedly | CWE-617 | 6.5 | Medium | 2026-03-25 |
| CVE-2026-3104 | Memory leak in code preparing DNSSEC proofs of non-existence | CWE-772 | 7.5 | High | 2026-03-25 |
| CVE-2026-1519 | Excessive NSEC3 iterations cause high CPU load during insecure delegation validation | CWE-606 | 7.5 | High | 2026-03-25 |
| CVE-2025-13878 | Malformed BRID/HHIT records can cause named to terminate unexpectedly | CWE-617 | 7.5 | High | 2026-01-21 |
| CVE-2025-40780 | Cache poisoning due to weak PRNG | CWE-341 | 8.6 | High | 2025-10-22 |
| CVE-2025-40778 | Cache poisoning attacks with unsolicited RRs | CWE-349 | 8.6 | High | 2025-10-22 |
| CVE-2025-8677 | Resource exhaustion via malformed DNSKEY handling | CWE-405 | 7.5 | High | 2025-10-22 |
| CVE-2025-40777 | A possible assertion failure when 'stale-answer-client-timeout' is set to '0' | CWE-617 | 7.5 | High | 2025-07-16 |
| CVE-2025-40776 | Birthday Attack against Resolvers supporting ECS | CWE-349 | 8.6 | High | 2025-07-16 |
| CVE-2025-40775 | DNS message with invalid TSIG causes an assertion failure | CWE-232 | 7.5 | High | 2025-05-21 |
| CVE-2024-12705 | DNS-over-HTTPS implementation suffers from multiple issues under heavy query load | CWE-770 | 7.5 | High | 2025-01-29 |
| CVE-2024-11187 | Many records in the additional section cause CPU exhaustion | CWE-405 | 7.5 | High | 2025-01-29 |
| CVE-2024-4076 | Assertion failure when serving both stale cache data and authoritative zone content | | 7.5 | High | 2024-07-23 |
| CVE-2024-1975 | SIG(0) can be used to exhaust CPU resources | | 7.5 | High | 2024-07-23 |
| CVE-2024-1737 | BIND's database will be slow if a very large number of RRs exist at the same name | | 7.5 | High | 2024-07-23 |
| CVE-2024-0760 | A flood of DNS messages over TCP may make the server unstable | | 7.5 | High | 2024-07-23 |
| CVE-2023-6516 | Specific recursive query patterns may lead to an out-of-memory condition | | 7.5 | High | 2024-02-13 |
| CVE-2023-5680 | Cleaning an ECS-enabled cache may cause excessive CPU load | | 5.3 | Medium | 2024-02-13 |
| CVE-2023-5679 | Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution | | 7.5 | High | 2024-02-13 |
| CVE-2023-5517 | Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled | | 7.5 | High | 2024-02-13 |
| CVE-2023-4408 | Parsing large DNS messages may cause excessive CPU load | | 7.5 | High | 2024-02-13 |
| CVE-2023-4236 | named may terminate unexpectedly under high DNS-over-TLS query load | | 7.5 | High | 2023-09-20 |
| CVE-2023-3341 | A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly | | 7.5 | High | 2023-09-20 |
| CVE-2023-2911 | Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0 | | 7.5 | High | 2023-06-21 |
| CVE-2023-2829 | Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled | | 7.5 | High | 2023-06-21 |
| CVE-2023-2828 | named's configured cache size limit can be significantly exceeded | | 7.5 | High | 2023-06-21 |
| CVE-2022-3924 | named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota | | 7.5 | High | 2023-01-25 |
| CVE-2022-3736 | named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries | | 7.5 | High | 2023-01-25 |
| CVE-2022-3488 | named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries | | 7.5 | High | 2023-01-25 |
