Vulnerability-Lookup

CVE-2026-5947 (GCVE-0-2026-5947)

Vulnerability from cvelistv5 – Published: 2026-05-20 13:10 – Updated: 2026-05-20 13:39

Title

SIG(0) validation during query flood may lead to undefined behavior

Summary

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-416 - Use After Free

Assigner

isc

References

3 references

URL	Tags
https://kb.isc.org/docs/cve-2026-5947	vendor-advisory
https://downloads.isc.org/isc/bind9/9.20.23	patch
https://downloads.isc.org/isc/bind9/9.21.22	patch

Impacted products

1 product

Vendor	Product	Version
ISC	BIND 9	Affected: 9.20.0 , ≤ 9.20.22 (custom) Affected: 9.21.0 , ≤ 9.21.21 (custom) Affected: 9.20.9-S1 , ≤ 9.20.22-S1 (custom) Unaffected: 9.18.28 , ≤ 9.18.49 (custom) Unaffected: 9.18.28-S1 , ≤ 9.18.49-S1 (custom)

Date Public

2026-05-20 00:00

Credits

ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-5947",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-20T13:39:15.454199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-20T13:39:38.654Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "BIND 9",
          "vendor": "ISC",
          "versions": [
            {
              "lessThanOrEqual": "9.20.22",
              "status": "affected",
              "version": "9.20.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.21.21",
              "status": "affected",
              "version": "9.21.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.20.22-S1",
              "status": "affected",
              "version": "9.20.9-S1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.18.49",
              "status": "unaffected",
              "version": "9.18.28",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.18.49-S1",
              "status": "unaffected",
              "version": "9.18.28-S1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.20.22",
                  "versionStartIncluding": "9.20.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.21.21",
                  "versionStartIncluding": "9.21.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.20.22-S1",
                  "versionStartIncluding": "9.20.9-S1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.18.49",
                  "versionStartIncluding": "9.18.28",
                  "vulnerable": false
                },
                {
                  "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.18.49-S1",
                  "versionStartIncluding": "9.18.28-S1",
                  "vulnerable": false
                }
              ],
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention."
        }
      ],
      "datePublic": "2026-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "We are not aware of any active exploits."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "The use of memory after it is freed is undefined (\"dangling pointer\").  The BIND process may abort with a segmentation violation or similar error.  If memory from the discarded message has not been reused or reclaimed, the validation might proceed normally.  Any kind of code execution from such an improper data read is unlikely."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-20T13:10:11.873Z",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "CVE-2026-5947",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.isc.org/docs/cve-2026-5947"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://downloads.isc.org/isc/bind9/9.20.23"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://downloads.isc.org/isc/bind9/9.21.22"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "SIG(0) validation during query flood may lead to undefined behavior",
      "workarounds": [
        {
          "lang": "en",
          "value": "No workarounds known."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2026-5947",
    "datePublished": "2026-05-20T13:10:11.873Z",
    "dateReserved": "2026-04-09T06:40:58.672Z",
    "dateUpdated": "2026-05-20T13:39:38.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-5947",
      "date": "2026-06-11",
      "epss": "0.00032",
      "percentile": "0.09844"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-5947\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2026-05-20T13:16:40.303\",\"lastModified\":\"2026-05-21T15:24:32.997\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \\\"recursive-clients\\\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"},{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"9.20.0\",\"versionEndExcluding\":\"9.20.23\",\"matchCriteriaId\":\"D92461F1-BA01-479E-B740-38855CC216E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"9.21.0\",\"versionEndExcluding\":\"9.21.22\",\"matchCriteriaId\":\"B254E8E7-3F57-4552-ACBF-623FA481B697\"}]}]}],\"references\":[{\"url\":\"https://downloads.isc.org/isc/bind9/9.20.23\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://downloads.isc.org/isc/bind9/9.21.22\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://kb.isc.org/docs/cve-2026-5947\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-5947\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-20T13:39:15.454199Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-20T13:39:19.676Z\"}}], \"cna\": {\"title\": \"SIG(0) validation during query flood may lead to undefined behavior\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"ISC would like to thank Naoki Wakamatsu for bringing this vulnerability to our attention.\"}], \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"The use of memory after it is freed is undefined (\\\"dangling pointer\\\").  The BIND process may abort with a segmentation violation or similar error.  If memory from the discarded message has not been reused or reclaimed, the validation might proceed normally.  Any kind of code execution from such an improper data read is unlikely.\"}]}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ISC\", \"product\": \"BIND 9\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.20.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.20.22\"}, {\"status\": \"affected\", \"version\": \"9.21.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.21.21\"}, {\"status\": \"affected\", \"version\": \"9.20.9-S1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.20.22-S1\"}, {\"status\": \"unaffected\", \"version\": \"9.18.28\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.49\"}, {\"status\": \"unaffected\", \"version\": \"9.18.28-S1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.18.49-S1\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"We are not aware of any active exploits.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to the patched release most closely related to your current version of BIND 9: 9.20.23, 9.21.22, or 9.20.23-S1.\"}], \"datePublic\": \"2026-05-20T00:00:00.000Z\", \"references\": [{\"url\": \"https://kb.isc.org/docs/cve-2026-5947\", \"name\": \"CVE-2026-5947\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://downloads.isc.org/isc/bind9/9.20.23\", \"tags\": [\"patch\"]}, {\"url\": \"https://downloads.isc.org/isc/bind9/9.21.22\", \"tags\": [\"patch\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workarounds known.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \\\"recursive-clients\\\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-362\", \"description\": \"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"9.20.22\", \"versionStartIncluding\": \"9.20.0\"}, {\"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"9.21.21\", \"versionStartIncluding\": \"9.21.0\"}, {\"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"9.20.22-S1\", \"versionStartIncluding\": \"9.20.9-S1\"}, {\"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"vulnerable\": false, \"versionEndIncluding\": \"9.18.49\", \"versionStartIncluding\": \"9.18.28\"}, {\"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"vulnerable\": false, \"versionEndIncluding\": \"9.18.49-S1\", \"versionStartIncluding\": \"9.18.28-S1\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"404fd4d2-a609-4245-b543-2c944a302a22\", \"shortName\": \"isc\", \"dateUpdated\": \"2026-05-20T13:10:11.873Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-5947\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-20T13:39:38.654Z\", \"dateReserved\": \"2026-04-09T06:40:58.672Z\", \"assignerOrgId\": \"404fd4d2-a609-4245-b543-2c944a302a22\", \"datePublished\": \"2026-05-20T13:10:11.873Z\", \"assignerShortName\": \"isc\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0626

Vulnerability from certfr_avis - Published: 2026-05-21 - Updated: 2026-05-21

De multiples vulnérabilités ont été découvertes dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
ISC	BIND	Bind versions 9.20.x antérieures à 9.20.23
ISC	BIND	Bind versions 9.x antérieures à 9.18.49
ISC	BIND	BIND Supported Preview Edition versions antérieures à 9.18.49-S1
ISC	BIND	Bind versions 9.21.x antérieures à 9.21.22
ISC	BIND	BIND Supported Preview Edition versions 9.20.x antérieures à 9.20.23-S1

References

Title

Publication Time

FKIE_CVE-2026-5947

Vulnerability from fkie_nvd - Published: 2026-05-20 13:16 - Updated: 2026-05-21 15:24

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-officer@isc.org	https://downloads.isc.org/isc/bind9/9.20.23	Patch
security-officer@isc.org	https://downloads.isc.org/isc/bind9/9.21.22	Patch
security-officer@isc.org	https://kb.isc.org/docs/cve-2026-5947	Vendor Advisory

Impacted products

	Vendor	Product	Version
	isc	bind	*
	isc	bind	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "D92461F1-BA01-479E-B740-38855CC216E6",
              "versionEndExcluding": "9.20.23",
              "versionStartIncluding": "9.20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "B254E8E7-3F57-4552-ACBF-623FA481B697",
              "versionEndExcluding": "9.21.22",
              "versionStartIncluding": "9.21.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected."
    }
  ],
  "id": "CVE-2026-5947",
  "lastModified": "2026-05-21T15:24:32.997",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-officer@isc.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-05-20T13:16:40.303",
  "references": [
    {
      "source": "security-officer@isc.org",
      "tags": [
        "Patch"
      ],
      "url": "https://downloads.isc.org/isc/bind9/9.20.23"
    },
    {
      "source": "security-officer@isc.org",
      "tags": [
        "Patch"
      ],
      "url": "https://downloads.isc.org/isc/bind9/9.21.22"
    },
    {
      "source": "security-officer@isc.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.isc.org/docs/cve-2026-5947"
    }
  ],
  "sourceIdentifier": "security-officer@isc.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        },
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "security-officer@isc.org",
      "type": "Secondary"
    }
  ]
}

GHSA-6MM6-M775-CHPM

Vulnerability from github – Published: 2026-05-20 15:35 – Updated: 2026-05-20 15:35

Details

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-5947"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-20T13:16:40Z",
    "severity": "HIGH"
  },
  "details": "Undefined behavior may result due to a race condition leading to a use-after-free violation.  If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature.  If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message.\nThis issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1.\nBIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.",
  "id": "GHSA-6mm6-m775-chpm",
  "modified": "2026-05-20T15:35:33Z",
  "published": "2026-05-20T15:35:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5947"
    },
    {
      "type": "WEB",
      "url": "https://downloads.isc.org/isc/bind9/9.20.23"
    },
    {
      "type": "WEB",
      "url": "https://downloads.isc.org/isc/bind9/9.21.22"
    },
    {
      "type": "WEB",
      "url": "https://kb.isc.org/docs/cve-2026-5947"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2026-5947

Vulnerability from csaf_microsoft - Published: 2026-05-02 00:00 - Updated: 2026-05-23 01:01

Summary

SIG(0) validation during query flood may lead to undefined behavior

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-5947

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 21351-17084		—

Known affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-5947.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "SIG(0) validation during query flood may lead to undefined behavior",
    "tracking": {
      "current_release_date": "2026-05-23T01:01:45.000Z",
      "generator": {
        "date": "2026-05-23T07:14:23.843Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-5947",
      "initial_release_date": "2026-05-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-05-23T01:01:45.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 bind 0:9.20.21-1.azl3",
                "product": {
                  "name": "\u003cazl3 bind 0:9.20.21-1.azl3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 bind 0:9.20.21-1.azl3",
                "product": {
                  "name": "azl3 bind 0:9.20.21-1.azl3",
                  "product_id": "21351"
                }
              }
            ],
            "category": "product_name",
            "name": "bind"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 bind 0:9.20.21-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 bind 0:9.20.21-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "21351-17084"
        },
        "product_reference": "21351",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-5947",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "general",
          "text": "isc",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "21351-17084"
        ],
        "known_affected": [
          "17084-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-5947 SIG(0) validation during query flood may lead to undefined behavior - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-5947.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-23T01:01:45.000Z",
          "details": "0:9.20.23-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "17084-1"
          ]
        }
      ],
      "title": "SIG(0) validation during query flood may lead to undefined behavior"
    }
  ]
}

RHSA-2026:7412

Vulnerability from csaf_redhat - Published: 2026-04-10 18:39 - Updated: 2026-06-01 08:06

Summary

Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Severity

Important

Notes

Topic: An update for Red Hat Hardened Images RPMs is now available.

Details: This update includes the following RPMs: bind: * bind-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-chroot-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-devel-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-dnssec-utils-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-doc-9.18.48-1.1.hum1 (noarch) * bind-libs-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-utils-9.18.48-1.1.hum1 (aarch64, x86_64) * bind-9.18.48-1.1.hum1.src (src)

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-3593

A flaw was found in the BIND (Berkeley Internet Name Domain) DNS-over-HTTPS implementation. A remote attacker could send specially crafted HTTP/2 traffic to a DNS-over-HTTPS endpoint, leading to a use-after-free vulnerability. This could trigger memory corruption, potentially allowing the attacker to cause a denial of service or, in some cases, execute arbitrary code.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Hardened Images:bind-main@aarch64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@noarch	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@src	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2026-5947

A flaw was found in BIND. A remote attacker could exploit a race condition during SIG(0) signature validation of an incoming DNS message. If the "recursive-clients" limit is reached and the message is discarded, a use-after-free vulnerability may occur. This could lead to undefined behavior and potentially result in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Hardened Images:bind-main@aarch64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@noarch	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@src	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Hardened Images:bind-main@x86_64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

14 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:7412	self
https://images.redhat.com/	external
https://access.redhat.com/security/cve/CVE-2026-3593	external
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/security/cve/CVE-2026-5947	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-3593	self
https://bugzilla.redhat.com/show_bug.cgi?id=2479770	external
https://www.cve.org/CVERecord?id=CVE-2026-3593	external
https://nvd.nist.gov/vuln/detail/CVE-2026-3593	external
https://access.redhat.com/security/cve/CVE-2026-5947	self
https://bugzilla.redhat.com/show_bug.cgi?id=2479772	external
https://www.cve.org/CVERecord?id=CVE-2026-5947	external
https://nvd.nist.gov/vuln/detail/CVE-2026-5947	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Red Hat Hardened Images RPMs is now available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This update includes the following RPMs:\n\nbind:\n  * bind-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-chroot-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-devel-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-dnssec-utils-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-doc-9.18.48-1.1.hum1 (noarch)\n  * bind-libs-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-utils-9.18.48-1.1.hum1 (aarch64, x86_64)\n  * bind-9.18.48-1.1.hum1.src (src)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:7412",
        "url": "https://access.redhat.com/errata/RHSA-2026:7412"
      },
      {
        "category": "external",
        "summary": "https://images.redhat.com/",
        "url": "https://images.redhat.com/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-3593",
        "url": "https://access.redhat.com/security/cve/CVE-2026-3593"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-5947",
        "url": "https://access.redhat.com/security/cve/CVE-2026-5947"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7412.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2026-06-01T08:06:27+00:00",
      "generator": {
        "date": "2026-06-01T08:06:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:7412",
      "initial_release_date": "2026-04-10T18:39:00+00:00",
      "revision_history": [
        {
          "date": "2026-04-10T18:39:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-21T14:21:03+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-01T08:06:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Hardened Images",
                "product": {
                  "name": "Red Hat Hardened Images",
                  "product_id": "Red Hat Hardened Images",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:hummingbird:1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Hardened Images"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "bind-main@aarch64",
                "product": {
                  "name": "bind-main@aarch64",
                  "product_id": "bind-main@aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bind@9.18.48-1.1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "bind-main@src",
                "product": {
                  "name": "bind-main@src",
                  "product_id": "bind-main@src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bind@9.18.48-1.1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "bind-main@x86_64",
                "product": {
                  "name": "bind-main@x86_64",
                  "product_id": "bind-main@x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bind@9.18.48-1.1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "bind-main@noarch",
                "product": {
                  "name": "bind-main@noarch",
                  "product_id": "bind-main@noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bind-doc@9.18.48-1.1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bind-main@aarch64 as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:bind-main@aarch64"
        },
        "product_reference": "bind-main@aarch64",
        "relates_to_product_reference": "Red Hat Hardened Images"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bind-main@noarch as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:bind-main@noarch"
        },
        "product_reference": "bind-main@noarch",
        "relates_to_product_reference": "Red Hat Hardened Images"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bind-main@src as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:bind-main@src"
        },
        "product_reference": "bind-main@src",
        "relates_to_product_reference": "Red Hat Hardened Images"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bind-main@x86_64 as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:bind-main@x86_64"
        },
        "product_reference": "bind-main@x86_64",
        "relates_to_product_reference": "Red Hat Hardened Images"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-3593",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-05-19T09:55:25.800000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2479770"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the BIND (Berkeley Internet Name Domain) DNS-over-HTTPS implementation. A remote attacker could send specially crafted HTTP/2 traffic to a DNS-over-HTTPS endpoint, leading to a use-after-free vulnerability. This could trigger memory corruption, potentially allowing the attacker to cause a denial of service or, in some cases, execute arbitrary code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Important: A heap use-after-free vulnerability in BIND\u0027s DNS-over-HTTPS implementation allows a remote attacker to trigger memory corruption by sending crafted HTTP/2 traffic to a DNS-over-HTTPS endpoint. This affects both authoritative servers and resolvers configured to use DNS-over-HTTPS, potentially leading to denial of service or other impacts.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:bind-main@aarch64",
          "Red Hat Hardened Images:bind-main@noarch",
          "Red Hat Hardened Images:bind-main@src",
          "Red Hat Hardened Images:bind-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-3593"
        },
        {
          "category": "external",
          "summary": "RHBZ#2479770",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479770"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-3593",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3593"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3593",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3593"
        }
      ],
      "release_date": "2026-05-21T11:59:02.348000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T18:39:00+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7412"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation"
    },
    {
      "cve": "CVE-2026-5947",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "discovery_date": "2026-05-19T09:59:51.277000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2479772"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in BIND. A remote attacker could exploit a race condition during SIG(0) signature validation of an incoming DNS message. If the \"recursive-clients\" limit is reached and the message is discarded, a use-after-free vulnerability may occur. This could lead to undefined behavior and potentially result in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bind: SIG(0) validation during query flood may lead to undefined behavior",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Important: A race condition in BIND\u0027s SIG(0) validation process can lead to undefined behavior and a denial of service when the server is under a query flood and processing signed DNS messages. This flaw could disrupt critical DNS resolution services in Red Hat environments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:bind-main@aarch64",
          "Red Hat Hardened Images:bind-main@noarch",
          "Red Hat Hardened Images:bind-main@src",
          "Red Hat Hardened Images:bind-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-5947"
        },
        {
          "category": "external",
          "summary": "RHBZ#2479772",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479772"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-5947",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-5947"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5947",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5947"
        }
      ],
      "release_date": "2026-05-21T12:15:50.513000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T18:39:00+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7412"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:bind-main@aarch64",
            "Red Hat Hardened Images:bind-main@noarch",
            "Red Hat Hardened Images:bind-main@src",
            "Red Hat Hardened Images:bind-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "bind: SIG(0) validation during query flood may lead to undefined behavior"
    }
  ]
}

WID-SEC-W-2026-1626

Vulnerability from csaf_certbund - Published: 2026-05-20 22:00 - Updated: 2026-06-08 22:00

Summary

Internet Systems Consortium BIND: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um eine Speicherbeschädigung auszulösen oder einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2026-3039

Affected products

Known affected 13 products

Product	Identifier	Version
Internet Systems Consortium BIND <9.18.49 Internet Systems Consortium / BIND		<9.18.49
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2026-3592

Affected products

Known affected 13 products

Product	Identifier	Version
Internet Systems Consortium BIND <9.18.49 Internet Systems Consortium / BIND		<9.18.49
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2026-5946

Affected products

Known affected 13 products

Product	Identifier	Version
Internet Systems Consortium BIND <9.18.49 Internet Systems Consortium / BIND		<9.18.49
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2026-5950

Affected products

Known affected 13 products

Product	Identifier	Version
Internet Systems Consortium BIND <9.18.49 Internet Systems Consortium / BIND		<9.18.49
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

CVE-2026-3593

Affected products

Known affected 12 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23

CVE-2026-5947

Affected products

Known affected 12 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Infoblox NIOS Infoblox	`cpe:/o:infoblox:nios:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Internet Systems Consortium BIND <9.21.22 Internet Systems Consortium / BIND		<9.21.22
Internet Systems Consortium BIND <9.20.23 Internet Systems Consortium / BIND		<9.20.23

References

34 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://downloads.isc.org/isc/bind9/9.18.49/	external
https://downloads.isc.org/isc/bind9/9.20.23/	external
https://downloads.isc.org/isc/bind9/9.21.22/	external
https://kb.isc.org/docs/cve-2026-3039	external
https://kb.isc.org/docs/cve-2026-3592	external
https://kb.isc.org/docs/cve-2026-3593	external
https://kb.isc.org/docs/cve-2026-5946	external
https://kb.isc.org/docs/cve-2026-5947	external
https://kb.isc.org/docs/cve-2026-5950	external
https://support.infoblox.com/s/article/Infoblox-N…	external
https://lists.debian.org/debian-security-announce…	external
https://ubuntu.com/security/notices/USN-8293-1	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2026:7412	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2026:20334	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://lists.opensuse.org/archives/list/security…	external
https://linux.oracle.com/errata/ELSA-2026-23360.html	external
https://access.redhat.com/errata/RHSA-2026:23360	external
https://lists.opensuse.org/archives/list/security…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://errata.build.resf.org/RLSA-2026:23360	external
https://access.redhat.com/errata/RHSA-2026:24338	external
https://access.redhat.com/errata/RHSA-2026:24367	external
https://access.redhat.com/errata/RHSA-2026:24339	external
https://alas.aws.amazon.com/AL2/ALAS2-2026-3353.html	external
https://alas.aws.amazon.com/AL2/ALAS2-2026-3321.html	external
https://access.redhat.com/errata/RHSA-2026:24368	external
http://linux.oracle.com/errata/ELSA-2026-24339.html	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "BIND (Berkeley Internet Name Domain) ist ein Open-Source-Softwarepaket, das einen Domain-Name-System-Server implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Internet Systems Consortium BIND ausnutzen, um eine Speicherbesch\u00e4digung auszul\u00f6sen oder einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1626 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1626.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1626 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1626"
      },
      {
        "category": "external",
        "summary": "Bind Version 9.18.49 vom 2026-05-20",
        "url": "https://downloads.isc.org/isc/bind9/9.18.49/"
      },
      {
        "category": "external",
        "summary": "Bind Version 9.20.23 vom 2026-05-20",
        "url": "https://downloads.isc.org/isc/bind9/9.20.23/"
      },
      {
        "category": "external",
        "summary": "Bind Version 9.21.22 vom 2026-05-20",
        "url": "https://downloads.isc.org/isc/bind9/9.21.22/"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-3039"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-3592"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-3593"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-5946: Invalid handling of CLASS != IN vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-5946"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-5947: SIG(0) validation during query flood may lead to undefined behavior vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-5947"
      },
      {
        "category": "external",
        "summary": "ISC Vulnerability CVE-2026-5950: Unbounded resend loop in BIND 9 resolver vom 2026-05-20",
        "url": "https://kb.isc.org/docs/cve-2026-5950"
      },
      {
        "category": "external",
        "summary": "Infoblox Advisory 5950 vom 2026-05-21",
        "url": "https://support.infoblox.com/s/article/Infoblox-NIOS-is-vulnerable-to-BIND-CVEs-000011898"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6285 vom 2026-05-21",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00196.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8293-1 vom 2026-05-21",
        "url": "https://ubuntu.com/security/notices/USN-8293-1"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-411248C8D9 vom 2026-05-21",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-411248c8d9"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:7412 vom 2026-05-21",
        "url": "https://access.redhat.com/errata/RHSA-2026:7412"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-B626E83A45 vom 2026-05-21",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-b626e83a45"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:20334 vom 2026-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2026:20334"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-F3E466EA26 vom 2026-05-25",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-f3e466ea26"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10874-1 vom 2026-05-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZBFTOKBLT6N2MLN2HMBY53GPPUNLRZIN/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-23360 vom 2026-06-05",
        "url": "https://linux.oracle.com/errata/ELSA-2026-23360.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:23360 vom 2026-06-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:23360"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10915-1 vom 2026-06-03",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QLTNAB7LWVOD4ZHQ2PI6W4ZTHKKIVEH2/"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-DBB0776AC5 vom 2026-06-05",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-dbb0776ac5"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-EC095A4675 vom 2026-06-05",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-ec095a4675"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2289-1 vom 2026-06-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026596.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:23360 vom 2026-06-06",
        "url": "https://errata.build.resf.org/RLSA-2026:23360"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:24338 vom 2026-06-08",
        "url": "https://access.redhat.com/errata/RHSA-2026:24338"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:24367 vom 2026-06-08",
        "url": "https://access.redhat.com/errata/RHSA-2026:24367"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:24339 vom 2026-06-08",
        "url": "https://access.redhat.com/errata/RHSA-2026:24339"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2026-3353 vom 2026-06-09",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3353.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2026-3321 vom 2026-06-09",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3321.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:24368 vom 2026-06-08",
        "url": "https://access.redhat.com/errata/RHSA-2026:24368"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-24339 vom 2026-06-08",
        "url": "http://linux.oracle.com/errata/ELSA-2026-24339.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Internet Systems Consortium BIND: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-08T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-09T08:41:51.143+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1626",
      "initial_release_date": "2026-05-20T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-21T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu, Fedora und Red Hat aufgenommen"
        },
        {
          "date": "2026-05-25T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2026-06-04T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Oracle Linux, Red Hat und openSUSE aufgenommen"
        },
        {
          "date": "2026-06-07T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Fedora, SUSE, Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2026-06-08T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon, Red Hat und Oracle Linux aufgenommen"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Infoblox NIOS",
            "product": {
              "name": "Infoblox NIOS",
              "product_id": "T014068",
              "product_identification_helper": {
                "cpe": "cpe:/o:infoblox:nios:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Infoblox"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.18.49",
                "product": {
                  "name": "Internet Systems Consortium BIND \u003c9.18.49",
                  "product_id": "T054453"
                }
              },
              {
                "category": "product_version",
                "name": "9.18.49",
                "product": {
                  "name": "Internet Systems Consortium BIND 9.18.49",
                  "product_id": "T054453-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:isc:bind:9.18.49"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.20.23",
                "product": {
                  "name": "Internet Systems Consortium BIND \u003c9.20.23",
                  "product_id": "T054454"
                }
              },
              {
                "category": "product_version",
                "name": "9.20.23",
                "product": {
                  "name": "Internet Systems Consortium BIND 9.20.23",
                  "product_id": "T054454-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:isc:bind:9.20.23"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.21.22",
                "product": {
                  "name": "Internet Systems Consortium BIND \u003c9.21.22",
                  "product_id": "T054455"
                }
              },
              {
                "category": "product_version",
                "name": "9.21.22",
                "product": {
                  "name": "Internet Systems Consortium BIND 9.21.22",
                  "product_id": "T054455-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:isc:bind:9.21.22"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BIND"
          }
        ],
        "category": "vendor",
        "name": "Internet Systems Consortium"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-3039",
      "product_status": {
        "known_affected": [
          "T054453",
          "67646",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-3039"
    },
    {
      "cve": "CVE-2026-3592",
      "product_status": {
        "known_affected": [
          "T054453",
          "67646",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-3592"
    },
    {
      "cve": "CVE-2026-5946",
      "product_status": {
        "known_affected": [
          "T054453",
          "67646",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-5946"
    },
    {
      "cve": "CVE-2026-5950",
      "product_status": {
        "known_affected": [
          "T054453",
          "67646",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454",
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-5950"
    },
    {
      "cve": "CVE-2026-3593",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T027843",
          "398363",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-3593"
    },
    {
      "cve": "CVE-2026-5947",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T027843",
          "398363",
          "T004914",
          "T014068",
          "T032255",
          "74185",
          "T054455",
          "T054454"
        ]
      },
      "release_date": "2026-05-20T22:00:00.000+00:00",
      "title": "CVE-2026-5947"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-5947 (GCVE-0-2026-5947)

CERTFR-2026-AVI-0626

Solutions

FKIE_CVE-2026-5947

GHSA-6MM6-M775-CHPM

MSRC_CVE-2026-5947

RHSA-2026:7412

WID-SEC-W-2026-1626

Tags

Sightings

Nomenclature