Bind
This hub aggregates every CVE we track for Bind, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
174
CVEs tracked
7
Critical
81
High
0
In CISA KEV
Severity distribution
HIGH81MEDIUM80CRITICAL7LOW6
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
4
0
6
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Bind.
- CVE-2026-5950Unbounded resend loop in BIND 9 resolver5.3
- CVE-2026-5947SIG(0) validation during query flood may lead to undefined behavior7.5
- CVE-2026-5946Invalid handling of CLASS != IN7.5
- CVE-2026-3593Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation7.4
- CVE-2026-3592Amplification vulnerabilities via self-pointed glue records5.3
- CVE-2026-3039BIND 9 server memory exhaustion during GSS-API TKEY negotiation7.5
- CVE-2026-3591A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass5.4
- CVE-2026-3119Authenticated query containing a TKEY record may cause named to terminate unexpectedly6.5
- CVE-2026-3104Memory leak in code preparing DNSSEC proofs of non-existence7.5
- CVE-2026-1519Excessive NSEC3 iterations cause high CPU load during insecure delegation validation7.5
- CVE-2025-40780Cache poisoning due to weak PRNG8.6
- CVE-2025-40778Cache poisoning attacks with unsolicited RRs8.6
- CVE-2023-50868The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) v...7.5
- CVE-2023-50387Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, ...7.5
- CVE-2023-5680Cleaning an ECS-enabled cache may cause excessive CPU load5.3
Product normalization is registry-driven with AI assist and human review. How it works