Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.9)

The version of AHV installed on the remote host is prior to AHV-10.3.1.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.9 advisory. - The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for...

RockyLinux 9 : bind (RLSA-2026:18786)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18786 advisory. bind: Resource exhaustion via malformed DNSKEY handling CVE-2025-8677 Tenable has extracted the preceding description block directly from the RockyLinux security...

TencentOS Server 3: bind (TSSA-2026:0362)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0362 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2026-3592 affecting package bind for versions less than 9.20.23-1

CVE-2026-3592 affecting package bind for versions less than 9.20.23-1. A patched version of the package is available...

CVE-2026-3593 affecting package bind for versions less than 9.20.23-1

CVE-2026-3593 affecting package bind for versions less than 9.20.23-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-5947

A flaw was found in BIND. A remote attacker could exploit a race condition during SIG0 signature validation of an incoming DNS message. If the "recursive-clients" limit is reached and the message is discarded, a use-after-free vulnerability may occur. This could lead to undefined behavior and...

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

Astra Linux - уязвимость в bind9

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record that...

ISC BIND 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Vulnerability (cve-2026-3593)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3593 advisory. - A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0...

ISC BIND 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Vulnerability (cve-2026-5947)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-5947 advisory. - Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming D...

RHEL 9 : bind (RHSA-2026:18786)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18786 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: bind (UTSA-2026-021471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021471 advisory. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are...

Oracle Linux 7 : bind (ELSA-2026-11371)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11371 advisory. - Resolve CVE-2026-1519 Orabug: 39275755 - Resolve CVE-2025-40778 Orabug: 38699863 Tenable has extracted the preceding description block directly from the Orac...

PT-2026-42154

Name of the Vulnerable Software and Affected Versions BIND 9 versions 9.0.0 through 9.16.50 BIND 9 versions 9.18.0 through 9.18.48 BIND 9 versions 9.20.0 through 9.20.22 BIND 9 versions 9.21.0 through 9.21.21 BIND 9 versions 9.9.3-S1 through 9.16.50-S1 BIND 9 versions 9.18.11-S1 through 9.18.48-S...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017490 advisory. In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versio...

Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017654 advisory. In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release...

Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017624 advisory. BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default setting...