BIND 9 Vulnerability Allows Remote DNS Server Crashes via Malicious Records

BIND 9 Vulnerability Allows Remote DNS Server Crashes via Malicious Records

First seen 22 Jan 2026, 21:42 UTC CybersecuritynewsGbhackersCyberpress 88% similarity 30.6

Article Content

Browse articles
ThreatCluster

A high-severity vulnerability in BIND 9, tracked as CVE-2025-13878, allows remote attackers to crash DNS servers by sending specially crafted malformed DNS records. This flaw affects the widely used DNS server software, potentially disrupting critical internet infrastructure and services. The vulnerability is linked to the handling of malformed BRID and HHIT records.

ThreatCluster AI

Timeline

Date unknown
Vulnerability disclosed
Recent
Exploit released
Date unknown
Patch released

Community

Browse all →