K000160559: BIND vulnerability CVE-2026-3104

Security Advisory Description A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.4...

[SECURITY] Fedora 44 Update: bind-dyndb-ldap-11.11-13.fc44

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

bind-9.20.21-1.1 on GA media (moderate)

bind-9.20.21-1.1 on GA media Announcement ID: openSUSE-SU-2026:10448-1 Rating: moderate Cross-References: CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591 CVSS scores: CVE-2026-1519 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-1519 SUSE : 8.7...

Fedora 44 : cpp-httplib (2026-03599f0b32)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03599f0b32 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

Fedora: Security Advisory (FEDORA-2026-b2ec0d8a47)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-6181-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 44 : bind / bind-dyndb-ldap (2026-19d899e92d)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-19d899e92d advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

[SECURITY] Fedora 43 Update: bind-dyndb-ldap-11.11-11.fc43

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

[SECURITY] Fedora 43 Update: bind-9.18.47-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Fedora 43 : bind / bind-dyndb-ldap (2026-b2ec0d8a47)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-b2ec0d8a47 advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

OPENSUSE-SU-2026:10448-1 bind-9.20.21-1.1 on GA media

These are all security issues fixed in the bind-9.20.21-1.1 package on the GA media of openSUSE Tumbleweed...

[SECURITY] [DSA 6181-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6181-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 27, 2026 https://www.debian.org/security/faq -...

Ubuntu: Security Advisory (USN-8124-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-6181 : bind9 - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6181 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6181-1 [email protected]...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Bind vulnerabilities (USN-8124-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8124-1 advisory. Samy Medjahed discovered that Bind incorrectly handled insecure delegation validation. A remote attacker could possibly use this issu...

DSA-6181-1 bind9 - security update

Bulletin has no description...

SUSE CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

EUVD-2019-20039

River Past CamDo 3.7.6 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll name field. Attackers can craft a payload with a 280-byte buffer, NSEH jump instruction, and SE...

CVE-2026-27523

OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve...

CVE-2026-30932

Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint accessible to customers with DNS enabled does not validate the content field for several DNS record types LOC, RP, SSHFP, TLSA. An attacker can inject newlines and BIND zone file...