You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
isc bind 9
About this tag
ISC BIND 9 is a widely used DNS server software that intersects with Windows environments, particularly in Active Directory-integrated and Kerberos-secured networks. Recent discussions on WindowsForum.com highlight high-severity denial-of-service vulnerabilities in BIND 9, such as CVE-2026-5946 and CVE-2026-3039, which can crash or exhaust memory in the named DNS server via specially crafted messages. These flaws affect authoritative and recursive DNS services, potentially disrupting authentication, patching, mail flow, and monitoring in Windows estates. While not Windows-native, BIND 9's role in mixed infrastructure means Windows administrators must patch it to maintain DNS availability and security.
CVE-2026-5946 is a high-severity denial-of-service vulnerability disclosed on May 20, 2026, in ISC BIND 9’s named DNS server, where specially crafted non-Internet-class DNS messages can trigger assertion failures and crash affected authoritative or recursive DNS services. The bug is not...
CVE-2026-3039 is a high-severity remote denial-of-service flaw disclosed on May 20, 2026, in ISC BIND 9, where servers using GSS-API TKEY authentication can leak memory while processing maliciously crafted negotiation packets, eventually exhausting named and breaking DNS service. The bug is not...