[CIVN-2026-0270] Multiple Vulnerabilities in ISC BIND
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Multiple Vulnerabilities in ISC BIND
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
ISC BIND versions 9.11.0 through 9.16.50
ISC BIND versions 9.18.0 through 9.18.48
ISC BIND versions 9.20.0 through 9.20.22
ISC BIND versions 9.21.0 through 9.21.21
ISC BIND Supported Preview Edition versions 9.11.3-S1 through 9.16.50-S1
ISC BIND Supported Preview Edition versions 9.18.11-S1 through 9.18.48-S1
ISC BIND Supported Preview Edition versions 9.20.9-S1 through 9.20.22-S1
Overview
Multiple vulnerabilities have been reported in ISC BIND which could allow a remote attacker to cause use-after-free condition, disproportionate bandwidth consumption, Denial of Service (DoS), unauthorized access, memory corruption or undefined behavior on the targeted system.
Target Audience:
All end-user organizations and individuals using ISC BIND.
Risk Assessment:
Risk of unauthorized access, service disruption, resource exhaustion, memory corruption.
Impact Assessment:
Potential for application crashes, loss of DNS service availability, data exposure.
Description
ISC BIND is an open-source DNS server software package that provides both authoritative and recursive DNS services.
These vulnerabilities exist in ISC BIND due to improper handling of crafted DNS queries, memory management issues, and insufficient validation mechanism.
Successful exploitation of these vulnerabilities could allow an attacker which may lead to use-after-free condition, disproportionate bandwidth consumption, Denial of Service (DoS), unauthorized access, memory corruption or undefined behavior on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor:
https://kb.isc.org/docs/cve-2026-3593
https://kb.isc.org/docs/cve-2026-5946
https://kb.isc.org/docs/cve-2026-3592
https://kb.isc.org/docs/cve-2026-5947
https://kb.isc.org/docs/cve-2026-5950
Vendor Information
ISC BIND
https://kb.isc.org/
References
ISC BIND
https://kb.isc.org/docs/cve-2026-3593
https://kb.isc.org/docs/cve-2026-5946
https://kb.isc.org/docs/cve-2026-5947
https://kb.isc.org/docs/cve-2026-5950
https://kb.isc.org/docs/cve-2026-3592
CVE Name
CVE-2026-3593
CVE-2026-5946
CVE-2026-3592
CVE-2026-5947
CVE-2026-5950
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmoZZ60ACgkQ3jCgcSdc
ys9R9Q/+PXfL+XzUWJroUCaAt7aKyQwbdvM7adbgyu48bltd/vXusk1Faz3kY5Ui
dPgU7o8RyBD7jVfPH/qKEScGk6n4AI1XTRRZLZ9HhRieHzBkw4ULxyiSN7DvJy7X
LaBX+YusqI4kAuejE2etmpg49UphE6wBA46MdWD+5z0e9zxnJLuSJi8MZVePkALM
Szoj8/qGmDjSnuHWGJwpfdzYlCC5uXetEqkK6Ca5DbMDUXyaxJO4AxBifeakT8MM
UC3+psruDWFfiLKOQbZ6WvaH3ZdjQxNK9A6b/rOiSlRuAfVIqSvB7rG81iqzc4mQ
807ha6U7MmEBS6sSz2guBS+fDeuu4H5HFQWtJChC+M7VKpt8d56ps5GFDlUtl2hJ
bUJFD0XIuQ+S93tl1o2drOWk/fW1UhRjL7vd3j78vZ3LG+7Lz68hWuJRDLB6r+gG
PMXptb+JFjp66jf3bnAfcgBZnAmisjNpJsmnKrLGIaqQEO0BW1K+bLDRriYsRkpy
6GVqbkSTn9tSm1l2E8oHBQi/YdnKoVjtMi1mIuioqI4pbLfYq9EV5DRdHTGqCokA
zPTO4SWriZ5cZAHB+l23Ve+qisM7SpCHi/j5x0QEtDpKSfiRgBSdGW/CbpfHYGq3
PBQu+TqTL0BuLOfn6CoRAx82UJU+B4TdYpnp4r7PpJWHXBYj80I=
=0WQ+
—–END PGP SIGNATURE—–
![[CIVN-2026-0275] Multiple Vulnerabilities in Check Point Products](https://teamwin.in/wp-content/uploads/2025/06/certin-new-e1751351599950-500x383.png)
