2024 matches found
CVE-2026-50426
Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network...
CVE-2026-50426
CVE-2026-50426 : Windows DNS Server contains a relative path traversal vulnerability that could allow an authorized attacker on an adjacent network to execute code. Root cause is traversal of relative paths in DNS Server handling, enabling remote code execution. Reported impact is arbitrary code ...
CVE-2026-49169 Windows DNS Server Remote Code Execution Vulnerability
...
OESA-2026-2964 dnsmasq security update
Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...
[SECURITY] Fedora 43 Update: pdns-recursor-5.2.11-1.fc43
PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...
[SECURITY] Fedora 44 Update: pdns-recursor-5.4.3-1.fc44
PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...
CVE-2026-36478
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...
CVE-2026-36478
An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...
CVE-2026-36478
Technical details for CVE-2026-36478 are not publicly available in the provided documents. The reports describe a DoS condition in Technitium DNS Server v14.3 and earlier but do not disclose root cause, vulnerable components beyond file names. Monitor for updates.
PT-2026-52211
Name of the Vulnerable Software and Affected Versions NSD version 4.14.0 Description NSD contains a memory corruption flaw occurring during the serialization of a zone to disk. The issue stems from improper input validation and bounds checking of the address-family length field within Address...
[SECURITY] Fedora 44 Update: bind9-next-9.21.22-2.fc44
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
RHEL 10 : bind (RHSA-2026:24338)
"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24338 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...
CVE-2026-0264
A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...
SUSE CVE-2026-5947
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...
RLSA-2026:18786 Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
[SECURITY] Fedora 44 Update: bind-9.18.49-1.fc44
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
CVE-2026-5947
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...
CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...
CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...
CVE-2026-3039
CVE-2026-3039 affects BIND 9.x when TKEY-based authentication via GSS-API tokens is used; the issue is a memory-exhaustion vulnerability triggered by malicious packets in Active Directory/Kerberos DNS setups. Affected versions span 9.0.0–9.16.50, 9.18.0–9.18.48, 9.20.0–9.20.22, 9.21.0–9.21.21, pl...