- Description
- Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
- Source
- security-officer@isc.org
- NVD status
- Analyzed
- Products
- bind
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-officer@isc.org
- CWE-20
- Hype score
- Not currently trending
【BINDに複数脆弱性、DNS運用者は更新確認を】 JVNは、BINDに複数の脆弱性が存在すると公表しました。 対象には CVE-2026-3039、CVE-2026-3592、CVE-2026-3593、CVE-2026-5946、CVE-2026-5947、CVE-2026-5950 が含まれ、サービス運用
@01ra66it
25 May 2026
209 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
【ISC BINDに複数脆弱性、DNS可用性への影響に注意】 JVNは、ISC BINDにおける複数の脆弱性を公開しました。対象にはCVE-2026-3039、CVE-2026-3592、CVE-2026-3593、CVE-2026-5946、CVE-2026-5947、CVE-2026-5950が含まれ、DoS、メモリ破
@01ra66it
23 May 2026
167 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【BIND 9に複数脆弱性、DNS運用者は更新確認を】 JVNは、ISC BINDにおける複数の脆弱性を公表しました。対象にはCVE-2026-3039、CVE-2026-3592、CVE-2026-3593、CVE-2026-5946、CVE-2026-5947、CVE-2026-5950が含まれます。
@01ra66it
21 May 2026
202 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
JVNVU#99225456: ISC BINDにおける複数の脆弱性(2026年5月) https://t.co/CVPAVe4C8c "遠隔の攻撃者によって、サービス運用妨害(DoS)攻撃を引き起こされる(CVE-2026-3039、CVE-2026-3592、CVE-2026-5946、CVE-2026-5947、CVE-2026-5950)" h
@catnap707
21 May 2026
181 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
BIND9の脆弱性(High: CVE-2026-3039, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, Medium: CVE-206-3592, CVE-206-5950)と9.18.49, 9.20.23, 9.21.22公開 #sios_tech #security #vulnerability #セキュリティ #脆弱性 #dns #bind https://t.co/C3ftLMSEDR
@omokazuki
20 May 2026
306 Impressions
4 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"matchCriteriaId": "9EC5B9B1-25F2-48CA-9E8A-59D8E81D408A",
"versionEndIncluding": "9.16.50",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"matchCriteriaId": "49533F8C-D7B5-450A-8808-7E1C76F4FAE4",
"versionEndExcluding": "9.18.49",
"versionStartIncluding": "9.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"matchCriteriaId": "D92461F1-BA01-479E-B740-38855CC216E6",
"versionEndExcluding": "9.20.23",
"versionStartIncluding": "9.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"matchCriteriaId": "B254E8E7-3F57-4552-ACBF-623FA481B697",
"versionEndExcluding": "9.21.22",
"versionStartIncluding": "9.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]