SUSE CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

CVE-2026-5950

A flaw was found in BIND 9. A remote, unauthenticated attacker can exploit an unbounded resend loop vulnerability in the resolver state machine during bad-server handling. By sending specially crafted queries that trigger specific retry conditions, the attacker can cause severe resource exhaustio...

CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

ALPINE-CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

CVE-2026-5950

The CVE-2026-5950 issue affects BIND 9 resolver logic, with an unbounded resend loop in the bad-server handling path of the state machine. This leads to remote, unauthenticated attackers exhausting resources by issuing queries that trigger specific retry conditions. Affected series include BIND 9...

CVE-2026-5950 Unbounded resend loop in BIND 9 resolver

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

CVE-2026-5950 Unbounded resend loop in BIND 9 resolver

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

PT-2026-42165

Name of the Vulnerable Software and Affected Versions BIND 9 versions 9.18.36 through 9.18.48 BIND 9 versions 9.20.8 through 9.20.22 BIND 9 versions 9.21.7 through 9.21.21 BIND 9 versions 9.18.36-S1 through 9.18.48-S1 BIND 9 versions 9.20.9-S1 through 9.20.22-S1 Description An unbounded resend lo...

CLSA-2026-1770310264 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u482-b08 GA fixing the following CVE: - CVE-2026-21945: enhance certificate checking - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer request handling...

CLSA-2026-1775779143 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance Certificate Checking - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21925: improve JMX connections - CVE-2025-65018: fix LIBPNG heap buffer overflow - CVE-2025-64720: fix LIBPNG buffer...

CLSA-2026-1770310535 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u482-b08 GA fixing the following CVE: - CVE-2026-21945: enhance certificate checking - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer request handling...

MiracleLinux 9 : java-25-openjdk-25.0.2.0.10-1.el9.ML.1 (AXSA:2026-154:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-154:04 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

CLSA-2026-1770115899 java-17-openjdk: Fix of 5 CVEs

Update to jdk-17.0.18+8 GA - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21945: enhance Certificate Checking - CVE-2025-64720: libpng: fix buffer overflow - CVE-2025-65018: libpng: fix heap buffer overflow...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.482.b08-1.el8 (AXSA:2026-109:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-109:02 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities

LIBPNG is vulnerable to a buffer overflow in pngimagereadcomposite via incorrect palette premultiplication. CVE-2025-64720 LIBPNG is vulnerable to a heap buffer overflow in pngcombinerow triggered via pngimagefinishread. CVE-2025-65018 Improve JMX connections. CVE-2026-21925 Improve HttpServer...

Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

RHEL 7 / 8 / 9 : java-11-openjdk ELS (RHSA-2026:0847)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0847 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This...