CVE-2026-54361

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

CVE-2026-54361

CVE-2026-54361 affects MISP and stems from mass assignment flaws in collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should be server-controlled (e.g., id, org_id, orgc_id, user_id), enabling an authenticated att...

PT-2026-48973

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description Multiple mass assignment issues exist in the handling of collections, tag collections, event delegations, and shadow attributes. Certain controller actions accept user-supplied fields that shoul...

bind: Fix of CVE-2026-1519

CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...

SUSE CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

Improper Handling of Case Sensitivity

Overview tuf is a secure updater framework for Python. Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to platform-dependent behavior in the DelegatedRole.istargetinpathpattern function. An attacker can bypass intended access restrictions by exploitin...

CLSA-2026-1779214855 bind: Fix of CVE-2026-1519

CVE-2026-1519: fix unbounded NSEC3 iterations when validating referrals to unsigned delegations...

CLSA-2026-1775735258 bind: Fix of CVE-2026-1519

CVE-2026-1519: fix unbounded NSEC3 iterations when validating referrals to unsigned delegations...

Fedora 42 : bind / bind-dyndb-ldap (2026-7f3f640fbf)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-7f3f640fbf advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

Fedora 44 : bind / bind-dyndb-ldap (2026-19d899e92d)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-19d899e92d advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

Fedora 43 : bind / bind-dyndb-ldap (2026-b2ec0d8a47)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-b2ec0d8a47 advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.47-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix unbounded NSEC3 iterations when validating referrals...

CVE-2025-59023

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024

Crafted delegations or IP fragments can poison cached delegations in Recursor...

UBUNTU-CVE-2025-59023

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024 Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024 Crafted delegations or IP fragments can poison cached delegations in Recursor

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2025-59024

PowerDNS Recursor (CVE-2025-59024; also related CVE-2025-59023) is affected by cache-pollution vulnerabilities due to insufficient validation of delegation information. The issue can poison cached delegations in Recursor, with CVSS ~6.5 (Network, High impact on integrity; Availability low) as per...

CVE-2025-59024

Crafted delegations or IP fragments can poison cached delegations in Recursor...