CVE search results

1 – 10 of 67 results

Detailed view

Sort by:

CVE-2026-5950

Medium priority

Some fixes available 4 of 14

Unbounded resend loop in BIND 9 resolver

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-5947

Medium priority

Some fixes available 2 of 8

SIG(0) validation during query flood may lead to undefined behavior

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Not affected	Not affected	Not affected	Not affected
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-5946

Medium priority

Some fixes available 4 of 14

Invalid handling of CLASS != IN

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3593

Medium priority

Some fixes available 2 of 8

Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Not affected	Not affected	Not affected	Not affected
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3592

Medium priority

Some fixes available 4 of 14

Amplification vulnerabilities via self-pointed glue records

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3039

Medium priority

Some fixes available 4 of 14

BIND 9 server memory exhaustion during GSS-API TKEY negotiation

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Fixed	Fixed	Fixed	Needs evaluation	Needs evaluation
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3591

Medium priority

Some fixes available 1 of 7

A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In...

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Not affected	Not affected	Not affected	Not affected	Not affected
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3119

Medium priority

Some fixes available 1 of 7

Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key...

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Not affected	Not affected	Not affected	Not affected	Not affected
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-3104

Medium priority

Some fixes available 1 of 7

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through...

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Not affected	Not affected	Not affected	Not affected	Not affected
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

CVE-2026-1519

Medium priority

Some fixes available 3 of 13

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where...

3 affected packages

bind9, isc-dhcp, bind9-libs

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
bind9	Not affected	Fixed	Fixed	Needs evaluation	Needs evaluation
isc-dhcp	Needs evaluation	Needs evaluation	Not affected	Not affected	Needs evaluation
bind9-libs	Not in release	Not in release	Needs evaluation	Needs evaluation	—

Export to JSON

Results by page:

Search CVE reports