Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

Mageia
Mageiaadded 6 days ago17 views

Updated bind packages fix security vulnerabilities

Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...

9.8CVSS5.8AI score0.00143EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 6 days ago8 views

SUSE CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.9 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Bind vulnerabilities (USN-8293-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8293-1 advisory. Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could...

9.8CVSS6.1AI score0.00143EPSS
Exploits0References7
OSV
OSVadded 2026/05/21 7:11 p.m.3 views

USN-8293-1 bind9 vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.00143EPSS
Exploits0References7
Ubuntu
Ubuntuadded 2026/05/21 7:11 p.m.5 views

USN-8293-1: Bind vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.00143EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/05/20 1:10 p.m.4 views

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/20 1:10 p.m.28 views

CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS0.00044EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/05/20 1:10 p.m.9 views

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.00044EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/05/20 1:10 p.m.5 views

CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begin...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/17 12:0 a.m.6 views

PT-2026-42164

Name of the Vulnerable Software and Affected Versions BIND 9 versions 9.20.0 through 9.20.22 BIND 9 versions 9.21.0 through 9.21.21 BIND 9 versions 9.20.9-S1 through 9.20.22-S1 Description A race condition occurs when BIND receives an incoming DNS message signed with SIG0. While validating the...

7.5CVSS5.7AI score0.00044EPSS
Exploits0References24
OSV
OSVadded 2026/04/15 1:36 p.m.1 views

SUSE-SU-2026:1351-1 Security update for bind

This update for bind fixes the following issues: Security issues: - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. - CVE-2026-3104: memory leak in code preparing DNSSEC proofs of non-existence allows for DoS bsc1260567. - CVE-2026-3119:...

7.5CVSS5.9AI score0.00061EPSS
Exploits0References10
SUSE CVE
SUSE CVEadded 2026/03/26 9:17 a.m.1 views

SUSE CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.00027EPSS
Exploits0References5
OSV
OSVadded 2026/03/25 4:32 p.m.0 views

USN-8124-1 bind9 vulnerabilities

Samy Medjahed discovered that Bind incorrectly handled insecure delegation validation. A remote attacker could possibly use this issue to cause excessive NSEC3 iterations, consuming CPU resources, and leading to a denial of service. CVE-2026-1519 Vitaly Simonovich discovered that Bind incorrectly...

7.5CVSS7.5AI score0.00061EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/25 3:31 p.m.1 views

EUVD-2026-15413

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.00027EPSS
Exploits0References4
OSV
OSVadded 2026/03/25 2:16 p.m.1 views

DEBIAN-CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS8.5AI score0.00027EPSS
Exploits0References1
OSV
OSVadded 2026/03/25 2:16 p.m.2 views

ALPINE-CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.00027EPSS
Exploits0References1
NVD
NVDadded 2026/03/25 2:16 p.m.1 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS0.00027EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/03/25 1:34 p.m.3 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.00027EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/03/25 1:34 p.m.3 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.00027EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder