Bind 9

This hub aggregates every CVE we track for Bind 9, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Bind 9.

• CVE-2026-5950Unbounded resend loop in BIND 9 resolver5.3May 20, 2026
• CVE-2026-5947SIG(0) validation during query flood may lead to undefined behavior7.5May 20, 2026
• CVE-2026-5946Invalid handling of CLASS != IN7.5May 20, 2026
• CVE-2026-3593Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation7.4May 20, 2026
• CVE-2026-3592Amplification vulnerabilities via self-pointed glue records5.3May 20, 2026
• CVE-2026-3039BIND 9 server memory exhaustion during GSS-API TKEY negotiation7.5May 20, 2026
• CVE-2026-3591A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass5.4Mar 25, 2026
• CVE-2026-3119Authenticated query containing a TKEY record may cause named to terminate unexpectedly6.5Mar 25, 2026
• CVE-2026-3104Memory leak in code preparing DNSSEC proofs of non-existence7.5Mar 25, 2026
• CVE-2026-1519Excessive NSEC3 iterations cause high CPU load during insecure delegation validation7.5Mar 25, 2026
• CVE-2025-13878Malformed BRID/HHIT records can cause named to terminate unexpectedly7.5Jan 21, 2026
• CVE-2025-40780Cache poisoning due to weak PRNG8.6Oct 22, 2025
• CVE-2025-40778Cache poisoning attacks with unsolicited RRs8.6Oct 22, 2025
• CVE-2025-8677Resource exhaustion via malformed DNSKEY handling7.5Oct 22, 2025
• CVE-2025-40777A possible assertion failure when 'stale-answer-client-timeout' is set to '0'7.5Jul 16, 2025